Experts believe the new flaw resides in the Jet Engine, the same place where McAfee researchers in December discovered a similar bug. The Jet Engine is a database manager upon which programs, such as MS Access, are built.
In the December case, bogus Microsoft Access Database (MDB) files were attempting to take advantage of a stack-based buffer overflow vulnerability that occurs when MS Access processes specially crafted database files.
Microsoft considers MDB files, which permit embedded script, unsafe and has said that standard programs such as Internet Explorer and Outlook already block them.
A Microsoft spokesman could not immediately be reached for comment.
See original article on scmagazineus.com
New Microsoft Access exploit in wild: Panda
By
Dan Kaplan
on Mar 5, 2008 3:42PM
PandaLabs researchers said they have discovered a public exploit taking advantage of a new vulnerability in Microsoft Access Database.
Got a news tip for our journalists? Share it with us anonymously here.
Partner Content
Promoted Content
The five questions every storage buyer should ask
Promoted Content
Four signs your organisation is paying a massive innovation tax, and how to fix it
Promoted Content
Why there is no upside to sending data offshore for storage
Promoted Content
Why cloud data protection is about more than just backup
Sponsored Whitepapers
The 5 steps to effective data protection
Understanding the next security control points: applications and workloads
Best security practices after rapid Digital Transformation
The CISO View 2021 Survey: Zero Trust and Privileged Access
How and why to backup your Office 365 tenant
