
In the December case, bogus Microsoft Access Database (MDB) files were attempting to take advantage of a stack-based buffer overflow vulnerability that occurs when MS Access processes specially crafted database files.
Microsoft considers MDB files, which permit embedded script, unsafe and has said that standard programs such as Internet Explorer and Outlook already block them.
A Microsoft spokesman could not immediately be reached for comment.
See original article on scmagazineus.com