Microsoft issued today an advisory saying that the company is investigating new reports about a vulnerability that affects Microsoft Office Excel 2003 Service Pack 2, Microsoft Office Excel Viewer 2003, Microsoft Office Excel 2002, Microsoft Office Excel 2000, and Microsoft Excel 2004 for Mac.

According to the reports, the vulnerability could allow remote code to be executed on a computer. For the moment, there are only targeted attacks that attempt to use this vulnerability and Microsoft said the risk is limited. For the attack to be successful, the victim would have to open a specially-crafted Excel file.

Also the company said that the vulnerability is not affecting those users, who are using Microsoft Office Excel 2007 or Microsoft Excel 2008 for Mac, or who have installed Microsoft Office Excel 2003 Service Pack 3. In addition, customers who have installed Microsoft's Office Isolated Conversion Environment (MOICE) are immune to the effects of the vulnerability.

“Microsoft is investigating the public reports and customer impact. Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs,” the company stated in its advisory.