Arctic Liquid Freezer II 280 liquid cooler review
Team Group MP33 NVMe 512 GB SSD Review
ADATA SE800 1TB Portable SSD review
Promo: Microsoft Office 2016 for $29.82
Corsair H100i RGB Pro XT liquid cooler review
Corsair K95 RGB PLATINUM XT review
AORUS Radeon RX 5700 XT 8G review
Promo: Windows 10 Pro licenses for only 12 USD
Endgame XM1 gaming mouse review
Guru3D Rig of the Month - December 2019
(0day) Microsoft Windows Jet Database Engine Vulnerability
Trend Micro Security has found a bug in Microsoft's Jet Database Engine, a database system used in Microsoft Access and Visual Basic. A person could make an out-of-bounds write to the database, resulting in the ability to execute code remotely.
According to an advisory released by Zero Day Initiative (ZDI), the vulnerability is due to a problem with the management of indexes in the Jet database engine that, if exploited successfully, can cause an out-out-bounds memory write, leading to remote code execution.
An attacker must convince a targeted user into opening a specially crafted JET database file in order to exploit this vulnerability and remotely execute malicious code on a targeted vulnerable Windows computer.
Proof-of-concept exploit code for the vulnerability has also been published by the Trend Micro its GitHub page. Microsoft is working on a patch for the vulnerability, and since it was not included in September Patch Tuesday, you can expect the fix in Microsoft's October patch release.
Click here to post a comment for this news story on the message forum.