Threat Center Security News New Vulnerability Discovered in Microsoft Access
New Vulnerability Discovered in Microsoft Access Print E-mail
Written by Rebecca Mints   
Thursday, 06 March 2008 08:28

PandaLabs has uncovered a new vulnerability in Microsoft Access.  Several months ago a similiar issue was detected in Access as well.

Compounding the problem is the fact that hackers are very actively exploiting this vulnerability to silently install malware on unsuspecting users' computers.  A common threat criminals are using is to dispatch the Keylogger.DB trojan, which by logging users' keystrokes, can steal sensitive data from users such as bank account numbers or passwords needed for access to encrypted sites and programs.

By embedding malicious code in Access files (.mdb) criminals can exploit the vulnerability. The technical director of PandaLabs Luis Corrons had this to say:  "whenever a vulnerability of this type appears, cyber-crooks will try to take full advantage of it.  We can therefore expect to see more malicious Access files in circulation that contain not only this Trojan, but also other types of threats."

Currently there is no patch available to fix the problem, so in the meantime PandaLabs suggests that users of Access do not open any suspicious files and to stay up-to-date with their security solutions.

REFERENCES:

PandaLabs Discovers a New Vulnerability in Access Now Being Used to Infect Computers

 

WTW Threat Level