January 8 evening news, according to foreign media reports, the researchers found that there is a loophole in Microsoft's Access database application, if not repaired, could have a negative impact thousands of American businesses.
Mimecast team discovered this vulnerability could result in an unexpected disclosure of sensitive information. He estimated that about 85,000 businesses at risk. But so far, it is believed that the company still does not have any damage.
This memory leak defects and vulnerabilities discovered last year in Microsoft Office is very similar. Access will be referred to as a random data segment is saved to memory element in each file. Usually, this is only part of useless content, but sometimes there may be some sensitive content, such as passwords or user information and the like. For a hacker with a patient, the information is very valuable.
Mimecast said, "If you can invade computers have MDB files contain, or be able to get a lot of MDB file, a hacker can these so-called automatic MDB File" dumpster diving "(dumpster diving), to find and collect reside in these sensitive information in the file, the information can be used for any malicious purpose. "
Microsoft has released a patch to correct this problem. Mimecast encourage enterprises to download and install the patch, and monitor network traffic, to monitor whether there are circumstances in searching potentially sensitive files attacker.
From: SAN author: Qiao Feng