Patch for critical Excel flaw coming

Jan 9, 2007

A critical Excel flaw will be part of Microsoft's Patch Tuesday release, according to information released Tuesday from security firm Fortinet.

It’s Patch Tuesday, and among the holes Microsoft will be fixing is a critical flaw in the Excel spreadsheet, according to information from security firm Fortinet, which accidentally leaked the information in advance of Microsoft’s official patch release.

A security advisory posted today at Secunia.com describes an “unspecified code execution vulnerability” that is “due to an unspecified error when opening XLS files using Internet Explorer. This can be exploited to execute arbitrary code via a specially crafted XLS file with a certain unspecified opcode.” The flaw was discovered by Jie Ma of Fortinet’s Security Research Team. According to a Fortinet advisory detailing the problem:

“A remote attacker could construct a .xls file and put it on a controlled website. When the user opens the .xls file with the Microsoft Internet Explorer, the browser will automatically call Microsoft Excel to open the .xls file. And if specially crafted, this will cause Microsoft Excel to crash; then, the .xls may allow the attacker to execute arbitrary code.”

That advisory lists Office 2000 Service Pack 3, Excel 2000, 2002, and 2003, and Excel Viewer 2003 as vulnerable, along with Microsoft Works Suite 2004, 2005, and 2006, and Office 2004 and v. X for the Mac platform. Office 2007 is not.

Office application flaws have been a favorite target of hackers lately, with holes in PowerPoint, Word and Excel being used to great effect in spreading malware.