Active Exploitation Using Malicious Microsoft Access Databases

Home

US-CERT Computer Emergency Readiness Team

US-CERT is aware of a stack buffer overflow vulnerability in the way that Microsoft Access handles specially crafted database files. Opening a specially crafted Microsoft Access Database (e.g., .MDB) can cause arbitrary code execution without requiring any additional user interaction. Microsoft Access files are considered to be high-risk, so it may be possible to execute arbitrary code without using a vulnerability in Microsoft Access.

US-CERT is aware of active exploitation using malicious Microsoft Access databases.

To help protect against this type of attack, US-CERT recommends the following:

Do not open attachments from unsolicited email messages
Block high-risk file attachments at email gateways

More information can be found in the following:

"Using Caution with Email Attachments" Cyber Security Tip
Microsoft Knowledge Base Article "An overview of unsafe file types in Microsoft products"

Active Exploitation Using Malicious Microsoft Access Databases

Popular Words in Internet Security Alerts

Related Items