Friday, September 30, 2005

Trojan Targets Unpatched Windows Flaw

Ryan Naraine writes in eWeek:

Virus writers are actively exploiting a security vulnerability in the Microsoft Jet Database Engine that remains unpatched more than five months after it was first reported to the software giant.

The mail-borne exploit, which camouflages itself as a Microsoft Access file, infects Windows machines through a "highly critical" flaw in the Microsoft Jet database engine—the lightweight database widely used by applications such as Microsoft Office 2000, Office 2003, Access 2000 and Access 2003.

The vulnerability—along with proof-of-concept exploits—was first reported to Microsoft in March along with a warning that it could be used by malicious hackers to take complete control of a victim's computer.

Microsoft has never publicly acknowledged the existence of the bug, which affects fully patched systems with Microsoft Access 2003 and Microsoft Windows XP, including Service Pack 2.

However, according to an advisory from Symantec Corp.'s security response unit, the unpatched hole is being exploited to drop a malicious Trojan horse identified as "Backdoor.Hesive."

The exploit has been discovered in the wild. Symantec rates the distribution of the Trojan as "low" but warned that the potential for damage is significant.

0 Comments:

Post a Comment

<< Home