- Apr 21, 2016
- 3,321
As explained by ZDI, the zero-day vulnerability found in Microsoft Windows Jet Database Engine's could allow attackers to remotely execute code on any vulnerable installation of the software.
The flaw the research team found is present within JET Database Engine's management of indexes, and it can be exploited by thread actors via a specially crafted JET database file designed to provoke an out-out-bounds write leading to remote execution of code.
Fortunately, attackers cannot exploit the vulnerability without user interaction because a successful exploit needs to have the malicious database file as a starting poin... (read more)
Read more: Zero-Day Windows Jet Database Engine Vulnerability Allows Remote Code Execution