Microsoft Access vulnerability puts 85,000 companies at risk

Researchers found that there was a vulnerability in the Microsoft Access database application. If it is not patched, it may have adverse effects on thousands of US companies.

The vulnerability discovered by Mimecast’s team could lead to accidental disclosure of sensitive information. He estimates that about 85,000 companies are at risk. However, so far, no companies are believed to have been harmed.

“Access” by laboratoriolinux is licensed under CC BY-NC-SA 2.0 

This memory leak flaw is very similar to the vulnerability found in Microsoft Office last year. Mimecast said:
“If a malicious actor was able to get on a machine which contained MDB files or could get ahold of large drops of MDB files, the actor could conduct an automated ‘dumpster diving’ hunt through all of them to look for and collect sensitive information residing in these files that could be applied in any number of malicious uses.”

Microsoft has released a patch to correct this problem. Mimecast encourages businesses to download and install the patch and monitor network traffic to monitor if attackers are searching for potentially sensitive files.

Via: fortune