 
|
|
In partnership with:
|
13 December 2007 US-CERT: hackers are attacking flaw in Microsoft AccessCliff Saran, Computer Weekly The US Computer Emergency Readiness Team (US-CERT) has warned that hackers are actively targeting a security flaw in the Microsoft Access system. The government security agency says it is aware of a stack buffer overflow vulnerability in the way that Microsoft Access handles specially crafted database files. Opening a specially crafted Microsoft Access Database file (".MDB") can cause arbitrary code execution without requiring any additional user interaction, said CERT. As Microsoft Access files are considered to be high-risk, it may also be possible to execute arbitrary code without using a vulnerability in Microsoft Access, said CERT. "US-CERT is aware of active exploitation using malicious Microsoft Access databases," said the agency. CERT said users should not open attachments from unsolicited e-mail messages, and should block high-risk file attachments at e-mail gateways. This article first appeared on the web-site of Computer Weekly, at http://www.computerweekly.com/Articles/2007/12/13/228585/us-cert-hackers-are-attacking-flaw-in-microsoft-access.htm. © Reed Business Information 2007.
|
|
