Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    September 2014
    S M T W T F S
    « Aug    
     123456
    78910111213
    14151617181920
    21222324252627
    282930  
  • About Us

    Dec14
    7:13 am (UTC-7)   |    by

    A US-CERT advisory posted December 10 warns users to be wary of opening Microsoft Access Database (.MDB) files received in emails. A stack buffer overflow vulnerability caused by a specially crafted .MDB file can cause code to execute without requiring any user interaction. When exploited, the said vulnerability allows malicious users to install files on affected systems.

    Trend Micro detects the exploit as HKTL_MDBEXP.A, which takes advantage of the Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability. Once this hacking tool has exploited a vulnerable target, malicious users can execute certain commands on an affected system. Research Project Manager Ivan Macalintal says it’s already being seen in Korea.

    Although .MDB files are not usually seen by the common user, they are easily executed provided the user has Microsoft Access installed. Add a good deal of social engineering, and the user may be prompted to open the malicious .MDB file. Microsoft has also issued a warning that .MDB files are exclusively designed for executing commands, so users should be careful in accepting or downloading them, especially when these do not come from legitimate sources.

    This is the second time this month an .MDB file was reported, the first one involved a Trojan which used a vulnerability to drop and execute other malicious files.

    In this regard, US-CERT warns the public:

    • Do not open attachments from unsolicited email messages
    • Block high-risk file attachments at email gateways

    Trend Micro couldn’t agree more. This warning extends not only to .MDB files, but to other attachments received via unsolicited mails as well.

    Additional text by Roderick OrdoƱez





    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   del.icio.us   StumbleUpon




    Comments are closed.



     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice