Microsoft has just released an advisory and blog entry on a newly discovered vulnerability in MS Excel products. The vulnerability is, according to the blog, already actively exploited by targeted attacks.  Excel 2003SP3 and Excel 2007 are not affected, but most other versions are.