A security researcher, Lucas Leong, from our main security partner, Trend Micro. Has publicly disclosed an unpatched zero-day vulnerability in all supported versions of Microsoft Windows operating system (including server editions) after Microsoft was previously told about the vulnerability with a 120-day deadline to patch, however, they did not do. Therefore the vulnerability has been disclosed to the public.
This particular zero-day vulnerability resides in the Microsoft Jet Database Engine which allows an attacker to remotely execute malicious code on any vulnerable windows computer. Contact us today if you’re uncertain how vulnerable your devices are.
JET known as ‘Joint Engine Technology is one of Microsoft’s Database engines which is integrated within several Microsoft products, including Microsoft Access and Visual Basic.
According to the advisory released by Zero Day Initiative (ZDI), this vulnerability, if exploited correctly, can cause an out-bounds memory write, leading to remote code execution which has endless possibilities. the vulnerability is due to a particular problem with the management of indexes in the JET database engine.
IMPORTANT: it must be noted, for a hacker to successfully execute their attack, they must convince a targeted user into opening a specially crafted JET database file in order to exploit this vulnerability. However, as hard as that sounds, it’s as simple as opening an email file from a dummy “co-workers” email handle.
“Crafted data in a database file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code under the context of the current process,” Trend Micro’s Zero Day Initiative wrote in its blog post.
“Various applications use this database format. An attacker using this would be able to execute code at the level of the current process.”
It is extremely important that you contact your MSP provider today, as this vulnerability exists in all supported Windows versions, including Windows 10, Windows 8.1, Windows 7, and Windows Server Edition 2008 to 2016. This is another big blow for Windows as there have already been reports of another 10 vulnerabilities just last month.
Proof-of-concept exploit code for the vulnerability has also been published on Trend Micro’s GitHub Page.
Microsoft has not yet patched this vulnerability so everyone currently is able to be infected, and since Microsoft did not release a patch in it’s September “Patch Tuesday”, it’s likely that users will need to wait until October for this Microsoft support.
Trend Micro, however, recommends that all affected users to “restrict interaction with the application to trusted files,” as a mitigation action until Microsoft comes up with a patch for this. Contact us for further information on how you can do this.
Other Articles You May Enjoy:
- Alert: Microsoft Windows 10 Vulnerability Patches
- Newly Found Malware Combines Ransomware, Coin Mining and Botnet!
- Using Adobe? New Critical Security Updates for Acrobat, Reader and Photoshop CC
- How To Get The Best Out Of Your MSP