When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Microsoft Office Access files targeted for attack

Online criminals are exploiting a flaw in the Microsoft Office Access database to install unauthorized software on computers, the United States Computer Emergency Readiness Team (US-CERT) warned Monday. In its brief warning, US-CERT offered few details on the attack, saying simply that the organization is "aware of active exploitation" of the problem by criminals who have sent specially crafted Microsoft Access Database (.mdb) files to victims.

These files are "designed for the sole purpose of executing commands," so they should not be accepted from untrusted sources, Microsoft said in a note on its Web site. Run by the U.S. Department of Defense, US-CERT is charged with coordinating the nation's response to cyberattacks. Companies typically block the use of .mdb files, but criminals could be using this attack in a targeted strike against an organization that is known to use this particular file-type, said Ben Greenbaum, senior manager for Symantec security response. Symantec itself has seen no evidence of the .mdb exploitation that prompted the US-CERT alert.

View: The full story
News source: InfoWorld

Report a problem with article
Next Article

Office 2007 SP1 Isn't a Gift

Previous Article

Cisco Views Video as Future Internet Killer App