Microsoft has released an advisory related to Office Web Components Activex. The ISC has raised the Infocon to yellow due to the active exploitation of the vulnerability
from several .cn domains.
Alienvault’s feed customers are protected and covered with these directives:
45050: AV Possible Malicious Server exploiting Excel ActiveX Client against DST_IP (CVE-2009-1136)
45051: AV Possible Excel ActiveX Client side attack detected against SRC_IP (CVE-2009-1136)
45052: AV Possible Excel ActiveX Client Side Attack against DST_IP from a compromised host (CVE-2009-1136)