Last year, vulnerability testing researchers at Mimecast Research Labs reported the finding of a security flaw in Microsoft Office products, tracked as CVE-2019-0560. Before the end of last year, Microsoft received the report of CVE-2019-1463, a new flaw in the Access database application.
According to the report, if the vulnerability
is not corrected, it could expose more than 80,000 companies worldwide, mainly
in the US, to confidential information leak incidents. It should be noted that
so far there is no information confirming the exploitation of this security
flaw in the wild.
Vulnerability testing specialists report that both flaws are similar, but what exactly does the Mimecast report refer to? It is because both vulnerabilities arise due to improper management of system memory by an application, a situation that leads to an unintentional leak of sensitive information.
As mentioned, the vulnerability, also known as
MDB Leaker, is virtually identical to that reported in January 2019. In the
report, the company mentions: “In many cases, because of the randomness of
the content in the compromised memory, the data exposed inadvertently could
simply be pieces of meaningless content, although this is not a rule that will
be fulfilled without variations”.
In some cases, data in the MDB file may be
unintentionally stored, including sensitive information such as passwords,
certificates, web requests, and domain/user information. “In other part, a
memory link is not inherently a vulnerability, but is a real consequence of
memory loss; Microsoft
Access users need to review this full report,” vulnerability
testing experts mention.
A potential scenario of exploiting this flaw
involves a threat actor accessing a machine with MDB files. After performing an
automatic search on the container, the attacker could search for and collect
sensitive information stored in these files, which could be used in subsequent
So far no exploits
for this vulnerability have been found in the wild, although this does not mean
that the risk has been overcome. If an administrator passes the update to fix
this flaw, they could still be a victim of exploitation. To minimize risks,
vulnerability testing specialists at the International Institute for Cyber
Security (IICS) recommend following the security tips listed below:
an advanced malware detection system to prevent infections via emails to
prevent file leakage
the release of patches and updates for any system or application, reducing the
time allow attackers to exploit vulnerabilities
network traffic for connections to likely command and control services and for
leaking potentially sensitive files
update endpoint security system to fine-tune threat detection
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.