CISA warns of an annoying error when Excel is misused

The US government's Cybersecurity and Infrastructure Agency (CISA) is warning of a major vulnerability in an open-source Perl library that reads Excel files.

In a security advisory published earlier this week, CISA said there is a major bug in the library called Spreadsheet::ParseExcel. The bug, now tracked as CVE-2023-7101, is described as a Remote Code Execution (RCE) flaw, meaning it can be used by threat actors to deploy and execute various types of malware, including ransomware.