Vulnerabilities

Critical vulnerability in Microsoft Access database affects businesses and users

Last year, vulnerability testing researchers at Mimecast Research Labs reported the finding of a security flaw in Microsoft Office products, tracked as CVE-2019-0560. Before the end of last year, Microsoft received the report of CVE-2019-1463, a new flaw in the Access database application.

According to the report, if the vulnerability
is not corrected, it could expose more than 80,000 companies worldwide, mainly
in the US, to confidential information leak incidents. It should be noted that
so far there is no information confirming the exploitation of this security
flaw in the wild.

Vulnerability testing specialists report that both flaws are similar, but what exactly does the Mimecast report refer to? It is because both vulnerabilities arise due to improper management of system memory by an application, a situation that leads to an unintentional leak of sensitive information.

As mentioned, the vulnerability, also known as
MDB Leaker, is virtually identical to that reported in January 2019. In the
report, the company mentions: “In many cases, because of the randomness of
the content in the compromised memory, the data exposed inadvertently could
simply be pieces of meaningless content, although this is not a rule that will
be fulfilled without variations”.

In some cases, data in the MDB file may be
unintentionally stored, including sensitive information such as passwords,
certificates, web requests, and domain/user information. “In other part, a
memory link is not inherently a vulnerability, but is a real consequence of
memory loss; Microsoft
Access
users need to review this full report,” vulnerability
testing experts mention.

A potential scenario of exploiting this flaw
involves a threat actor accessing a machine with MDB files. After performing an
automatic search on the container, the attacker could search for and collect
sensitive information stored in these files, which could be used in subsequent
hacking activities.

So far no exploits
for this vulnerability have been found in the wild, although this does not mean
that the risk has been overcome. If an administrator passes the update to fix
this flaw, they could still be a victim of exploitation. To minimize risks,
vulnerability testing specialists at the International Institute for Cyber
Security (IICS) recommend following the security tips listed below:

  • Use
    an advanced malware detection system to prevent infections via emails to
    prevent file leakage
  • Monitor
    the release of patches and updates for any system or application, reducing the
    time allow attackers to exploit vulnerabilities
  • Monitor
    network traffic for connections to likely command and control services and for
    leaking potentially sensitive files
  • Continuously
    update endpoint security system to fine-tune threat detection

Click to comment

You must be logged in to post a comment Login

Leave a Reply

To Top

Pin It on Pinterest

Share This