It took a couple of weeks for Microsoft to get confirmation, but yesterday they did go on record and released a warning about Microsoft Word that’s running on Windows 2000, XP and Server 2003 SP1. Microsoft originally seemed to think there was little threat, but after receiving several legitimate complaints (from companies like Symantec and Panda Security) they acknowledged that the .mdb file (and even .mdb file format blocking in Outlook) and the Jet Database Engine were vulnerable to targeted attacks.
At the moment, there’s no fix available, but Microsoft is working on it. The next regularly scheduled patch release day isn’t until April 8th, but we’ll get notification sooner if Microsoft determines that enough users are being impacted. In the meantime, Jet should be disabled or .mdb files should be blocked at the gateway. And by the way, if you’re an Apple user running Word like me, you too should update when our Microsoft brethren do
Source, H/T: Uncle Monster
Posted under Security, Software
This post was written by Nicki on March 25, 2008
Samantha Jones on 
Samantha Jones on 
Ivan on 
