If you use Microsoft Office (who doesn’t) and Microsoft’s database, Microsoft Access, critical flaws have been found, reports News Factor which writes A flaw has been reported in Microsoft’s Latest News about Microsoft Jet database Latest News about database engine, affecting popular software applications Office and Access.
Reported by HexView, a security Latest News about Security firm, the vulnerability is caused by a memory-handling error that can occur when doing certain tasks like parsing database files.
The flaw can be exploited to execute arbitrary code if a user opens a specially formatted file marked with an “.mdb” extension in Microsoft Access.
The Jet database is used by applications like Office 2000, Office 2003, Access 2000 and Access 2003.
The vulnerability has been confirmed on a fully patched system running Microsoft Access 2003 and Windows XP Latest News about Windows XP SP1 and SP2. Other versions might also be affected.
If you get an email, with an “MDB” extension be especially careful that you do not open it UNLESS of course you are 110% percent clear of what it is.
While I’m on the subject, remember ANY email you get be suspicious if it has an attachment.