Microsoft Jet Database Engine Vulnerability

Microsoft has released a Security Advisory to address a vulnerability in Microsoft Jet Database Engine. This vulnerability is due to a buffer overflow condition in msjet40.dll. By convincing a user to open a Word document that is designed to load a specially crafted database file using msjet40.dll, an attacker may be able execute arbitrary code.

US-CERT encourages users to review Microsoft Security Advisory 950627 and apply the suggested workarounds.

US-CERT will provide more information as it becomes available.