Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Open access through Microsoft Access

Open access through Microsoft Access

by Nikola Strahija on October 3rd, 2005 Virus writers have created a Trojan which uses an unpatched vulnerability in Microsoft Office to take over Windows PCs.


The Hesive Trojan can be disguised as a Microsoft Access file. Once opened in Access, infected .mdb files take advantage of a five-month old buffer overflow flaw in Microsoft's Jet Database Engine software to seize control of vulnerable machines.

Sightings of this Trojan are yet rare, but the creation of the first malware to target this unfixed security bug shows VXers are beginning to look at Office applications for vulnerabilities.

Microsoft is yet to fix the Database Engine glitch but the creation of malware specifically targeting a security bug with a core component of Office should speed the creation of a fix.


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »