Exploit code published for unpatched Office flaw
Security researchers this week reported a flaw in the memory handling of the Microsoft Jet Database Engine that powers the Microsoft Office Access database. An attacker could use the flaw to remotely take control of a compromised system, according to HexView, a security firm that discovered the flaw.
A necessary precursor for attackers to use the flaw, called an exploit, has already been released.
By Scott Bekker at ENT News.
[ Read more ]