New vulnerability in Access now being used to infect computers

PandaLabs has discovered a new vulnerability in Microsoft Access. This is a similar security problem to the one discovered a few months back, categorized as CVE-2007-6026. The newly discovered flaw also affects the msjet40.dll library, albeit at a different point.

The problem is exacerbated by the fact that cyber criminals are already actively using this security hole to install malware silently on computers. Specifically, PandaLabs has detected that it is being used to distribute the dangerous Keylogger.DB Trojan, designed to steal confidential data by logging users’ keystrokes.

This security hole is exploited through maliciously-crafted Access files(.mdb), embedded with malicious code.

To avoid falling victim to this security problem, PandaLabs advises users not to open suspicious files received or downloaded from the Internet, and to keep their security solutions up-to-date, especially since there is currently no patch available to resolve this vulnerability.