An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. When using Internet Explorer, code execution is remote and may not require any user intervention.
This vulnerability exists in the ActiveX control used by IE to display Excel spreadsheets. Microsoft mentions that they are aware of active exploits against this vulnerability and at the moment there is no patch, just a a workaround. Workaround refers to a setting or configuration change that does not correct the underlying vulnerability but would help block known attack vectors before you apply the update. Microsoft advisory…

Windows Vista is now available for IT professionals and developers with MSDN and TechNet subscriptions In the coming weeks Microsoft will start the Windows Vista Customer Preview Program CPP for developers and IT professionals who are not members of the subscription services Windows Vista comes with a breakthrough user experience and is designed to help you feel confident in your ability to view find and organize information and to control your computing experience The visual sophistication of Windows Vista helps streamline your computing experience by refining common window elements so you can better focus on the content on the screen…