ASUS STRIX X570-E Gaming review
EK Classic RGB P240 review
Promo: VIP-SCDKey Games and Windows 10 / Office
Synology DS620slim Gigabit NAS Review
Fractal Design Vector RS review
Corsair iCUE 465X review
be quiet! Pure Base 500 review
Borderlands 3: PC graphics performance benchmark review
Swiftech H240 X3 AIO review
Promo: URCDKey Autumn Sale Windows 10 Pro for $11
(0day) Microsoft Windows Jet Database Engine Vulnerability
Trend Micro Security has found a bug in Microsoft's Jet Database Engine, a database system used in Microsoft Access and Visual Basic. A person could make an out-of-bounds write to the database, resulting in the ability to execute code remotely.
According to an advisory released by Zero Day Initiative (ZDI), the vulnerability is due to a problem with the management of indexes in the Jet database engine that, if exploited successfully, can cause an out-out-bounds memory write, leading to remote code execution.
An attacker must convince a targeted user into opening a specially crafted JET database file in order to exploit this vulnerability and remotely execute malicious code on a targeted vulnerable Windows computer.
Proof-of-concept exploit code for the vulnerability has also been published by the Trend Micro its GitHub page. Microsoft is working on a patch for the vulnerability, and since it was not included in September Patch Tuesday, you can expect the fix in Microsoft's October patch release.
Click here to post a comment for this news story on the message forum.