Microsoft Jet 0Day: update does not fix it

Microsoft seems to be going through a very difficult month, as it has just been revealed that a exploit on database engine Microsoft JET, which it is supposed to repair, remains open to attacks.

Microsoft JET 0Day

0Day was discovered by Lucas Leong of its research team Security, και βρίσκεται στο Jet Engine της Microsoft Jet. Η ευπάθεια θα μπορούσε να επιτρέψει σε έναν εισβολέα να τρέξει εξ αποστάσεως κακόβουλο on any vulnerable Windows computer.

Microsoft's Jet Database Engine or simply JET (from Joint Engine Technology) is a database engine that is integrated into many Microsoft products, such as Microsoft Access and Basic.

According to an announcement issued by the Zero Day Initiative (ZDI), the vulnerability is due to a problem with the management of the Jet Database Engine pointers that if successfully exploited, it can cause out-bounds memory write, and remote code execution.

The attacker should persuade the target to open a specially crafted JET database to exploit the vulnerability and remotely execute the malicious code on the target computer.

According to ZDI researchers, the vulnerability exists in all supported versions of Windows, namely: Windows 10, Windows 8.1, Windows 7, and Windows Server Edition 2008 to 2016.

The JET engine is one of Microsoft's first database innovations. It was developed in the 90s and has been used to power various company applications including: Access, Visual Basic, Microsoft and IIS 3.0.

JET, meanwhile, although removed and replaced by newer technologies, is still included in Windows.

Security technicians of course criticize Microsoft for failing to fix the vulnerability, mainly because it allows full access to the user systems of its operating companies.

Microsoft finally managed to address the problem and made one available last Tuesday.

However, according to Mitja Kolsek, co-founder of 0patch, the recent update for Microsoft's JET is incomplete, and intruders can still exploit the initial vulnerability.

"At this point we will only state that we found the update to be slightly different from our micropatch and, unfortunately, in a way that reduces the vulnerability, rather than eliminating it." he said Kolsek.

"We immediately informed Microsoft about this and will not disclose further details or any poc until they issue a valid solution."

0Patch released a custom "micro-patch" for JET 0Day when it came out, and today released another one which fixes the Microsoft update that affected the original JET fix.

The good news is that until today neither Microsoft nor 0Patch has seen hackers attempting to exploit this vulnerability in Microsoft JET.

_________________________

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).