 |  |  |  |  |  |  |  |
Microsoft admits Word users are at risk from critical Jet vulnerability
According to reports it would appear that Microsoft has confirmed the presence of a critical vulnerability which impacts upon users of MS Word for Windows 2000, XP and Server 2003 SP1. Shame it has taken many weeks for Microsoft to admit this, and only after a second security vendor recently discovered in the wild exploits.
The vulnerability exploits bugs in the Microsoft Jet Database Engine, Jet.dll, and Symantec has stated that the attacks have been described by its own Security Response team as using malicious Word 2000, 2002, 2003 and 2007 documents to call the Windows component.
Another security outfit, Panda, claims to have blogged about the vulnerability some three weeks back but accuse Microsoft of dismissing the in-the-wild-exploits reports by saying "they would not fix these mdb vulnerabilities" which researcher Ismael Briones reckons is part of some bizarre policy not to acknowledge vulnerabilities which are from .mdb files.
Indeed, to back up the claims, the report quotes an email response from Microsoft which states "You appear to be reporting an issue with a file type Microsoft considers to be unsafe. Many programs, such as Internet Explorer and Outlook, automatically block these files."
The vulnerability exploits bugs in the Microsoft Jet Database Engine, Jet.dll, and Symantec has stated that the attacks have been described by its own Security Response team as using malicious Word 2000, 2002, 2003 and 2007 documents to call the Windows component.
Another security outfit, Panda, claims to have blogged about the vulnerability some three weeks back but accuse Microsoft of dismissing the in-the-wild-exploits reports by saying "they would not fix these mdb vulnerabilities" which researcher Ismael Briones reckons is part of some bizarre policy not to acknowledge vulnerabilities which are from .mdb files.
Indeed, to back up the claims, the report quotes an email response from Microsoft which states "You appear to be reporting an issue with a file type Microsoft considers to be unsafe. Many programs, such as Internet Explorer and Outlook, automatically block these files."
Similar Threads
- Microsoft JET Database Engine (0x80040E14), Please Help. (ASP)
- Microsoft JET Database Engine error '80040e14' (ASP)
- Word Press 2.2 users... mulitple installation of word press blog and login once... (PHP)
- Microsoft JET Database Engine error '80040e14' (ASP)
- Microsoft Jet 4.0 Service Pack 8 problem (Windows Software)
| Thread Tools | Search this Thread |
You need to join our community in order to build your list of favorite forums. You can visit the forum index for a listing of all forums.
Related Forum Features
Latest Network Security Posts
- Today's Posts
- Unanswered Threads
advertising age amd android apple avatar ballmer bluegene browser business cellphone china chips crime data database development dos downloads economy email encryption energy enterprise europe facebook firefox games gaming google government hacker hacking hardware ibm ibm.news intelibm internet iphone ipod itunes law linux mac malware marketing medicine memory microsoft mobile mozilla music news nintendo novell office openoffice opensource os pc phishing piracy porn privacy ps3 recession redhat report research russia search security sex socialnetworking software sony spam sun supercomputer supercomputing survey technology trends trojan twitter ubuntu uk video virus vista web wii windows windows7 working x86 xbox xp yahoo youtube