Microsoft Zero-day  - Zero day 1 - ZDI opened Microsoft Zero-day Flaw in Public-120 Days Deadline Crossed

A Microsoft Zero-day vulnerability that existing in Microsoft JET Database Engine has been zero-day Initiative (ZDI) 120 days disclosure deadline and now it released in public.

ZDI initially reported this zero-day flow to Microsoft on May 8, 2018, since then Microsoft acknowledged the vulnerability and started working on it to provide the patch for Windows.

This Zero-day flow discovered and reported by Lucas Leong of Trend Micro Research and the vulnerability allows an attacker to run an arbitrary code in Microsoft’s Jet database engine.

Vulnerability Details

This specific vulnerability existing in the management of indexes in the Jet database engine that allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows.

In order to this Microsoft Zero-day vulnerability, the attacker needs to send a specially crafted file containing data stored in the JET database format and the user needs to the file to trigger this vulnerability in victims machine.

According to ZDI, “The root cause of this issue resides in the Microsoft JET Database Engine. Microsoft patched two other issues in JET in the September Patch Tuesday updates. While the patched bugs are listed as buffer overflows, this additional bug is actually an out-of-bounds write, which can be triggered by opening a Jet data source via OLEDB. Here’s a look at the resulting crash”

- crash - ZDI opened Microsoft Zero-day Flaw in Public-120 Days Deadline Crossed

Mainly user interaction does require to successfully exploit this vulnerability in victims machine by tricking them to open the malicious file.

ZDI research confirms that this Microsoft Zero-day existing in the Windows and they believe all supported Windows version are impacted by this bug. You can also find the Proof-of-concept code here. 

As of now this vulnerability is not yet patched and Microsoft continuously working on it to patch this critical Zero-day vulnerability and we expect the patch in the regularly scheduled October Tuesday patch release since it’s not released in September patch.

Also Read:

Hackers Started Exploiting the Unpatched Windows Task Scheduler Zero Day Flaw using Malware

New Zero Day Attack Discovered in MS Word Document Uses to Hack your PC – Still Not yet Patched





Source link

LEAVE A REPLY

Please enter your comment!
Please enter your name here