US-CERT warns of Microsoft Access Database attacks

Summary:According to a US-CERT alert, the attacks are using an unpatched stack buffer overflow vulnerability in the way Microsoft Access handles specially crafted database files.

US-CERT warns of Microsoft Access Database attacks
On the same day Microsoft issued fixes for at least 11 Windows software flaws, the U.S. Computer Emergency Response Team (US-CERT) warned that hackers were using malicious Microsoft Access databases to launch attacks against unknown targets.

According to a US-CERT alert, the attacks are using an unpatched stack buffer overflow vulnerability in the way Microsoft Access handles specially crafted database files.

Opening a specially crafted Microsoft Access Database (e.g., .MDB) can cause arbitrary code execution without requiring any additional user interaction. Microsoft Access files are considered to be high-risk, so it may be possible to execute arbitrary code without using a vulnerability in Microsoft Access.

Mark Miller, a director in Microsoft's security response center, said the company is aware of the attack reports and stressed that the file type being used (.MDB) is an unsafe file type. "Various Microsoft applications prevents users from opening this type of file, or warns them before they open the file," Miller said via e-mail.

To help protect against this type of attack, US-CERT recommends:

  •     Do not open attachments from unsolicited email messages
  •     Block high-risk file attachments at email gateways

A proof-of-concept exploit for a code execution hole in the Jet DB engine (which is built into Microsoft Access) is publicly available.   The flaw affects Microsoft Office Access 2003 on Windows XP SP2.

Topics: Microsoft, Collaboration, Data Centers, Data Management, Enterprise Software, Security, Software

About

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues. He is currently security evangelist at Kaspersky Lab, an anti-malware company with operations around the globe. He is taking a leadership role in developing the company's online community initiative around secure content managem... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.