Corsair M65 RGB Ultra mouse review
Asus ROG STRIX XG43UQ monitor review
Netduma R2 router review
TerraMaster F5-422 NAS Review
Radeon RX 6600 (Sapphire Pulse) review
Radeon RX 6600 (Gigabyte Eagle 8G) review
PowerColor Radeon RX 6900 XT Red Devil review
Corsair Sabre RGB Pro Wireless mouse review
Far Cry 6: PC graphics performance benchmark review
Colorful GeForce RTX 3060 Bilibili 12G review
(0day) Microsoft Windows Jet Database Engine Vulnerability
Trend Micro Security has found a bug in Microsoft's Jet Database Engine, a database system used in Microsoft Access and Visual Basic. A person could make an out-of-bounds write to the database, resulting in the ability to execute code remotely.
According to an advisory released by Zero Day Initiative (ZDI), the vulnerability is due to a problem with the management of indexes in the Jet database engine that, if exploited successfully, can cause an out-out-bounds memory write, leading to remote code execution.
An attacker must convince a targeted user into opening a specially crafted JET database file in order to exploit this vulnerability and remotely execute malicious code on a targeted vulnerable Windows computer.
Proof-of-concept exploit code for the vulnerability has also been published by the Trend Micro its GitHub page. Microsoft is working on a patch for the vulnerability, and since it was not included in September Patch Tuesday, you can expect the fix in Microsoft's October patch release.
Click here to post a comment for this news story on the message forum.