Microsoft warns of new Office attack

Microsoft has warned users to be vigilant after the discovery of a series of attacks on Office..

The attacks use distinctively crafted Word files to ambition a vulnerability in Microsoft’s Jet DB, a database basic acclimated in the abundance suite.

The aggregation issued an advising analogue the attacks, which were classified as “very limited” and aimed at specific targets.

McAfee researcher Craig Schmugar appropriate in a blog announcement that the attacks could announce a about-face in strategy.

Attackers accept about exploited Microsoft Jet DB vulnerabilities through MDB files, and Microsoft has consistently ashore to its MDB files are alarming story, wrote Schmugar. “Well that has changed,” he added.

Microsoft said that Windows Vista and the contempo Service Pack 1 advancement are not accessible to the absorber overflow acclimated in the attack. The Service Pack 2 adaptation of Office 2003 is additionally immune.

The aggregation is investigating the attacks, and has not yet absitively whether to application the blemish anon or delay until abutting month’s appointed aegis update. Microsoft has brash users not to accessible files from untrusted sources.

The vulnerability allows an antagonist to admission the arrangement with the rights of the accepted user, and Microsoft said that administrators can minimise this accident by putting controls on non-administrator accounts.