Skip to content

A warning! Office from Microsoft

13-12-2007

protect.gif Users should avoid unexpected MDB files found in email or offered as downloads for websites. They should also stay up-to-date on security patches and AV protection. Hopefully, this will be patched as part of the January security updates

Active Exploitation Using Malicious Microsoft Access Databases
http://www.avertlabs.com/research/blog/ind…it-in-the-wild/
http://www.us-cert.gov/current/index.html#…file_attachment

QUOTE: Online criminals are exploiting a flaw in the Microsoft Office Access database to install unauthorized software on computers, the United States Computer Emergency Readiness Team (US-CERT) has warned. In its brief warning, US-CERT offered few details on the attack, saying simply that the organization is “aware of active exploitation” of the problem by criminals who have sent specially crafted Microsoft Access Database (.mdb) files to victims.

Exploit based on Microsoft Jet DataBase Engine MDB File Parsing Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/26468
http://www.securityfocus.com/archive/1/483797

Thanks to Harry!

Advertisements
No comments yet

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: