Microsoft reported today that a previously unknown vulnerability in Excel is being actively exploited. According to the release the issue affects older versions of Excel, including Microsoft Office Excel 2003 Service Pack 2, Microsoft Office Excel Viewer 2003, Microsoft Office Excel 2002, Microsoft Office Excel 2000, and Microsoft Excel 2004 for OS X. The exploit requires the victim to open a malicious Excel file in order for the exploit to execute.
There is currently no fix for this issue, other than being very careful about which Excel files are opened. Microsoft said that they are working on a fix that may come out before the next patch cycle.
Microsoft’s advisory is at: http://www.microsoft.com/technet/security/advisory/947563.mspx