Promo: Windows 10 Pro + Office 2016 for $33
MSI Radeon RX 5500 XT GamingX 8GB review
ASUS Dual Radeon RX 5500 XT EVO 8GB review
PowerColor Radeon RX 5500 XT Red Dragon 8GB review
Gigabyte Radeon RX 5500 XT Gaming 8GB review
Sapphire Pulse Radeon RX 5500 XT 4GB review
Zotac Gaming GTX 1650 Super review
Radeon Adrenalin 2020 Edition Driver Overview
Guru3D Winter 2019 PC Buyer Guide
Corsair QL120 and QL140 RGB fan review
(0day) Microsoft Windows Jet Database Engine Vulnerability
Trend Micro Security has found a bug in Microsoft's Jet Database Engine, a database system used in Microsoft Access and Visual Basic. A person could make an out-of-bounds write to the database, resulting in the ability to execute code remotely.
According to an advisory released by Zero Day Initiative (ZDI), the vulnerability is due to a problem with the management of indexes in the Jet database engine that, if exploited successfully, can cause an out-out-bounds memory write, leading to remote code execution.
An attacker must convince a targeted user into opening a specially crafted JET database file in order to exploit this vulnerability and remotely execute malicious code on a targeted vulnerable Windows computer.
Proof-of-concept exploit code for the vulnerability has also been published by the Trend Micro its GitHub page. Microsoft is working on a patch for the vulnerability, and since it was not included in September Patch Tuesday, you can expect the fix in Microsoft's October patch release.
Click here to post a comment for this news story on the message forum.