Microsoft Excel contains a vulnerability that allows for the execution of arbitrary code in the context of the local user. The exploit occurs when Excel attempts to open and then recover what it thinks is a damaged workbook using the repair mode.
Microsoft has released an advisory about this issue, and it is available at:
A patch for this vulnerability was released on July 11, 2006. For more details, please see:
F-Secure Anti-Virus detects this malware with the following updates:
Version = 2006-06-19_01.