Jet vulnerability under attack

Stephen Withers
Tuesday, 25 March 2008 00:57

Your IT - Home IT

Microsoft has warned that a Word-based exploit for a flaw in the its Jet database engine has been discovered.

According to the company only "a very limited, targeted attack" has been seen so far.

Microsoft's initial analysis is that Word 2000 SP3, Word 2002 SP3, Word 2003 SP2, Word 2003 SP3, Word 2007 and Word 2007 SP1 running on Microsoft Windows 2000, Windows XP, or Windows Server 2003 SP1 are all vulnerable.

The version of Jet included in Windows Server 2003 SP2, Windows Vista and Vista SP1 does not have the buffer overflow vulnerability that is being exploited.

The Jet database engine is used by Access, Word and other pieces of software from Microsoft and third-party developers. Microsoft's investigation of the problem includes a consideration of the possibility that the underlying flaw can be exploited via other applications.

Symantec has been reporting Jet vulnerabilities and targeted attacks involving .mbd (Access) files since March 2006, according to Elia Florio, senior security response engineer, but Microsoft's response has been that .mdb files are considered 'unsafe' by Internet Explorer, Outlook and other applications, so the underlying bug cannot be regarded as critical.

CONTINUED