ASUS ROG SWIFT PG43UQ review
Sabrent Rocket 1TB NVMe SSD review
Resident Evil 3: PC graphics performance benchmark review
Palit GeForce GTX 1650 KalmX review
Guru3D Rig of the Month - March 2020
Deepcool Gamer Storm Macube 310P review
NVIDIA Shield Android TV 2019 review
Fractal Design ERA ITX chassis review
Gigabyte TRX40 Aorus Master review
XFX Radeon RX 5600 XT THICC 2 review
(0day) Microsoft Windows Jet Database Engine Vulnerability
Trend Micro Security has found a bug in Microsoft's Jet Database Engine, a database system used in Microsoft Access and Visual Basic. A person could make an out-of-bounds write to the database, resulting in the ability to execute code remotely.
According to an advisory released by Zero Day Initiative (ZDI), the vulnerability is due to a problem with the management of indexes in the Jet database engine that, if exploited successfully, can cause an out-out-bounds memory write, leading to remote code execution.
An attacker must convince a targeted user into opening a specially crafted JET database file in order to exploit this vulnerability and remotely execute malicious code on a targeted vulnerable Windows computer.
Proof-of-concept exploit code for the vulnerability has also been published by the Trend Micro its GitHub page. Microsoft is working on a patch for the vulnerability, and since it was not included in September Patch Tuesday, you can expect the fix in Microsoft's October patch release.
Click here to post a comment for this news story on the message forum.