Technology news and Jobs 
Information Technology News Jet vulnerability under attack
Information Technology News Jet vulnerability under attack | Jet vulnerability under attack |
|
| by Stephen Withers | |
| Tuesday, 25 March 2008 | |
|
Page 2 of 2
Symantec has now shown that it is possible to rename the malicious file with a 'safe' extension to get around Outlook (etc), and to create a Word file to open the file with Jet. Florio explains that for this technique to work, both files must be in the same folder - but "putting both files in the same .zip archive before sending the mail may be enough" to bring about that situation.Until a patch is available, Microsoft suggests users consider temporarily disabling Jet, blocking .mdb attachments not only by extension but by looking for signature strings at a certain offset, and avoid opening Word files received from untrusted sources or unexpectedly received from trusted sources. That patch may be delivered as part of a regular Patch Tuesday update, or if considered sufficiently important, as an out-of-cycle update.
Get stories like this delivered daily - FREE - subscribe now
|
Tags
| < Next story in category | Previous story in the category > |
|---|
