Please support our Tech Talk advertiser:
Featured Entry 
Mar 24th, 2008, 7:20 am
•
•
•
•
According to reports it would appear that Microsoft has confirmed the presence of a critical vulnerability which impacts upon users of MS Word for Windows 2000, XP and Server 2003 SP1. Shame it has taken many weeks for Microsoft to admit this, and only after a second security vendor recently discovered in the wild exploits.
The vulnerability exploits bugs in the Microsoft Jet Database Engine, Jet.dll, and Symantec has stated that the attacks have been described by its own Security Response team as using malicious Word 2000, 2002, 2003 and 2007 documents to call the Windows component.
Another security outfit, Panda, claims to have blogged about the vulnerability some three weeks back but accuse Microsoft of dismissing the in-the-wild-exploits reports by saying "they would not fix these mdb vulnerabilities" which researcher Ismael Briones reckons is part of some bizarre policy not to acknowledge vulnerabilities which are from .mdb files.
Indeed, to back up the claims, the report quotes an email response from Microsoft which states "You appear to be reporting an issue with a file type Microsoft considers to be unsafe. Many programs, such as Internet Explorer and Outlook, automatically block these files."
The vulnerability exploits bugs in the Microsoft Jet Database Engine, Jet.dll, and Symantec has stated that the attacks have been described by its own Security Response team as using malicious Word 2000, 2002, 2003 and 2007 documents to call the Windows component.
Another security outfit, Panda, claims to have blogged about the vulnerability some three weeks back but accuse Microsoft of dismissing the in-the-wild-exploits reports by saying "they would not fix these mdb vulnerabilities" which researcher Ismael Briones reckons is part of some bizarre policy not to acknowledge vulnerabilities which are from .mdb files.
Indeed, to back up the claims, the report quotes an email response from Microsoft which states "You appear to be reporting an issue with a file type Microsoft considers to be unsafe. Many programs, such as Internet Explorer and Outlook, automatically block these files."
- Bill Andad, staff writer aka newsguy
•
•
•
•
advertising apple browser business crime data development email europe facebook firefox forensic gaming google hacking hardware help ibm internet iphone ipod law legal linux malware microsoft mobile mozilla news office operating phishing privacy research search security software spam survey system technology trojan video virus vista web windows xp yahoo youtube
All Recent Tags Post Comment
•
•
•
•
DaniWeb Marketplace (Sponsored Links)
Related Blog Entries
- Computing and disabilities (1 Day Ago)
- Chinese Army of Hackers attack Belgium (1 Day Ago)
- Employee sold stolen California bank computers on e-bay (2 Days Ago)
- Opera Dragonfly is a web bug predator (2 Days Ago)
- Outlook Gets Help from the Facebook Generation (3 Days Ago)
- Review: Devotec Portable Solar Charger (3 Days Ago)
- Italian government publishes declared income of every citizen on the web (5 Days Ago)
- Ballmer politely tells Yang to get stuffed (5 Days Ago)
- Babbage Engine comes alive in Silicon Valley (6 Days Ago)
- Mobile Devices Represent an Opportunity for Google; Not a Threat (6 Days Ago)
