Data Management

Exploit targets flaw in Microsoft Access database

US-CERT warns against targeted phishing attacks with e-mails containing malicious Microsoft Access database files, which take advantage of a buffer overflow vulnerability.

US-CERT warns against targeted phishing attacks with e-mails containing malicious Microsoft Access database files, which take advantage of a buffer overflow vulnerability.

An excerpt from Heise Security:

Specially crafted Microsoft Access database files can be used to attack Windows PCs, according to a warning from US-CERT. Under certain circumstances, attackers can exploit an unpatched vulnerability in the Jet Engine used in Microsoft Office Access 2003. When manipulated MDB files are parsed, a buffer overflow occurs, allowing code to be written onto the application's stack and launched. An exploit has been available since the vulnerability was reported around a month ago

The flaw could result in the execution of a remote code on the system. MDB files are not an attachment that a user comes across often (a reason why the mail would be viewed with suspicion), but targeted attacks could be costly.

An excerpt from Washington Post:

The files are not something that the average user would come across on a daily basis, he added. ".Mdb files are blocked by default in most installations of Internet Explorer and Outlook Express," he said. "I am a bit surprised to see active exploitation happening over this vector."

More information:

Hackers Exploit Access Database Flaw (PC World)

Attack exploits 'unsafe' Windows files (VNUnet)

0 comments

Editor's Picks