Microsoft said Monday that attackers are exploiting a zero-day ActiveX vulnerability in the Snapshot Viewer for Microsoft Access.
The vulnerability -- which could be exploited to execute remote code -- affects the ActiveX control for the Snapshot Viewer in Office Access 2000, 2002 and 2003, said Bill Sisk, security response communications manager for Microsoft.
The ActiveX control lets users view Access report snapshots without needing the standard or run-time versions of the database management system.
Users may be infected if they are driven to a specially crafted website, according to a Microsoft advisory issued Monday. Attackers can then assume the same privileges as the logged-on user.
Microsoft, in the advisory, suggests a number of workarounds, including disabling Active Scripting, allowing only trusted sites to run ActiveX controls and Active Scripting, and preventing component object model (COM) objects from running in Internet Explorer (IE).
"We encourage affected customers to implement the manual workarounds included in the advisory, which Microsoft has tested," Sisk said. "Although these workarounds will not correct the underlying vulnerability, they help block known attack vectors."
One mitigating factor is a default configuration built into IE on Windows Server 2003 and 2008 that restricts user privileges, he said.
See original article on SC Magazine US
Microsoft investigates ActiveX public exploits
By
Dan Kaplan
on
Jul 8, 2008 11:10AM
Microsoft has revealed that attackers are exploiting a zero-day ActiveX vulnerability in Microsoft Access.
Got a news tip for our journalists? Share it with us anonymously here.
Sponsored Whitepapers
Extracting the value of data using Unified Observability
Planning before the breach: You can’t protect what you can’t see
Beyond FTP: Securing and Managing File Transfers
NextGen Security Operations: A Roadmap for the Future

Video: Watch Juniper talk about its Aston Martin partnership