Government Technology

MS Access Vulnerability Being Used to Infect Computers


You May Also Like

March 10, 2008 By

A new vulnerability in Microsoft Access has been discovered by PandaLabs. This is a similar security problem to the one discovered a few months back, categorized as CVE-2007-6026. The newly discovered flaw also affects the msjet40.dll library, at a different point.

The problem is exacerbated by the fact that cyber criminals are already actively using this security hole to install malware silently on computers. Specifically, it is being used to distribute the dangerous Keylogger.DB Trojan, designed to steal confidential data by logging users' keystrokes.

This security hole is exploited through maliciously-crafted Access files (.mdb), embedded with malicious code.

According to Luis Corrons, technical director of PandaLabs, "Whenever a vulnerability of this type appears, cyber-crooks will try to take full advantage of it. We can therefore expect to see more malicious Access files in circulation that contain not only this Trojan, but also other types of threats."

To avoid falling victim to this security problem, users are advised not to open suspicious files received or downloaded from the Internet, and to keep their security solutions up-to-date, especially since there is currently no patch available to resolve this vulnerability.


You may use or reference this story with attribution and a link to
http://www.govtech.com/security/MS-Access-Vulnerability-Being-Used-to.html


| More

Comments


Add Your Comment

You are solely responsible for the content of your comments. We reserve the right to remove comments that are considered profane, vulgar, obscene, factually inaccurate, off-topic, or considered a personal attack.

GovTech Papers and Case Studies View Library


Sponsored Links



Phone RSS

Government Best Practices

» A New Model for Human Resources
» Abandoning the High Cost of Enterprise Content Management



Government Technology
Public CIO
Emergency Management
Digital Communities