Older versions of Excel, including those in Office 2003 and Office 2007, were not protected by DEP or Protected View, said Microsoft.

While RSA has characterized the attack as an "advanced persistent threat," or APT -- an oft-used label for slow, stealthy attacks, typically attributed to Chinese hackers -- some security experts seemed to see it as just ordinary.

"2 emails and a Adobe Flash 0-day and you too can be an APT!" said , the CTO an WhiteHat Security, on Twitter Friday.

Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at or subscribe to . His e-mail address is .

in Computerworld's Security Topic Center.