Re: Microsoft warns of new attack on Word

Author	All Replies
jeno @bellsouth.net	reply to SUMware Re: Microsoft warns of new attack on Word Microsoft Jet DataBase Engine MDB File Parsing Remote Buffer Overflow Vulnerability To exploit this issue, an attacker must entice a user into opening a malicious file. Workarounds Microsoft has tested the following workarounds. Although these workarounds will not correct the underlying vulnerability, they help block known attack vectors. When a workaround reduces functionality, it is identified in the following section. Restrict the Microsoft Jet Database Engine from running. To implement the workaround, enter the following command at a command prompt: echo y\| cacls "%SystemRoot%\system32\msjet40.dll" /E /P everyone:N To undo the workaround, enter the following command at a command prompt: echo y\| cacls "%SystemRoot%\system32\msjet40.dll" /E /R everyone Impact of Workaround: Any application requiring the use of the Microsoft Jet Database Engine to make data access calls will not function. Microsoft Security Advisory (950627) Vulnerability in Microsoft Jet Database Engine (Jet) Could Allow Remote Code Execution Published: March 21, 2008: »www.microsoft.com/technet/securi···627.mspx The following exploit caused my SAVCE(updated today) to quarantine "Trogen.Horse"... UPDATE: Core Security Technologies has developed a working commercial exploit for its CORE IMPACT product. The following exploit is available. Symantec has not verified this exploit. * /data/vulnerabilities/exploits/26468.mdb »www.securityfocus.com/bid/26468/exploit
jeno @bellsouth.net	to forum · permalink · 2008-03-22 17:07:10 ·
jeno @bellsouth.net	Correction: The following exploit caused my SAVCE(updated today) to quarantine"Trojan Horse"
jeno @bellsouth.net	to forum · permalink · 2008-03-22 18:43:59 ·


Saturday, 17-May 18:54:08	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact 8th year online! © 1999-2008 dslreports.com. page compression OFF