US-CERT warns against targeted phishing attacks with e-mails containing malicious Microsoft Access database files, which take advantage of a buffer overflow vulnerability.
Specially crafted Microsoft Access database files can be used to attack Windows PCs, according to a warning from US-CERT. Under certain circumstances, attackers can exploit an unpatched vulnerability in the Jet Engine used in Microsoft Office Access 2003. When manipulated MDB files are parsed, a buffer overflow occurs, allowing code to be written onto the application's stack and launched. An exploit has been available since the vulnerability was reported around a month ago
The flaw could result in the execution of a remote code on the system. MDB files are not an attachment that a user comes across often (a reason why the mail would be viewed with suspicion), but targeted attacks could be costly.
The files are not something that the average user would come across on a daily basis, he added. ".Mdb files are blocked by default in most installations of Internet Explorer and Outlook Express," he said. "I am a bit surprised to see active exploitation happening over this vector."
Hackers Exploit Access Database Flaw (PC World)