Experts confirmed that the zero-day vulnerability resides in Microsoft Jet Database Engine
A security expert has published information about an unpatched zero-day vulnerability in all versions of Microsoft Windows operating system (including server ones) after the Microsoft failed to patch a disclosed bug within the 120-days deadline.
Lucas Leong, Trend Micro Security Research team expert, confirmed that the zero-day vulnerability resides in Microsoft Jet Database Engine that could enable an attacker to remotely execute code on vulnerable Windows machine. The Microsoft JET Database Engine is a database engine integrated within couple of Microsoft products.
As confirmed in a advisory released by Zero Day Initiative (ZDI), this vulnerability is present because of problem with the management of indexes in the Jet database, which if exploited can lead to remote code execution. In order for exploit to be run sucesfully, a hacker must trick a target into opening a specifically made JET database file in order to exploit this vulnerability, and remotely execute code on a targeted machine or server.
“Crafted data in a database file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code under the context of the current process,” Trend Micro’s Zero confirmed in it’s blog post.
Microsoft on the other hand, is working on a fixing of the vulnerability, since same one was not included in September Patch, we can expect the fix in Microsoft’s October security updates.
Proof-of-concept code for the vulnerability has also been published by the company’s GitHub page.
