Database Attacks Confirmed by Microsoft

 
 
By Ryan Naraine  |  Posted 2008-03-25
 
 
 

An unpatched security flaw in Microsoft's Jet Database Engine is being used to launch targeted attacks against Windows users, according to an advisory from the software vendor.

The attacks, described by Microsoft as "very limited," are exploiting a buffer overrun vulnerability in the lightweight database that provides data access to applications such as Microsoft Access, Microsoft Visual Basic and third-party applications. Technical details on this zero-day vulnerability are not yet available but it is common knowledge that the Jet DB engine has suffered from major security issues over the last few years.


Read the full article at eWEEK.