In the later case, it was an ActiveX control that allowed users to connect to RDS through IE and wreak havoc. Microsoft released a security bulletin about a component of MDAC called RDS, which has a vulnerability that permits malicious Web servers to perform drive-by downloads against the unpatched PCs of unsuspecting victims. In the bulletin, MS98-004, Microsoft warned that a part of MDAC called the RDS (Remote Data Service) had a vulnerability that allowed unauthorized people to browse databases.įlash-forward eight years to the spring of 2006. Way back in 1998, Microsoft issued a security bulletin about a component of IIS that ran under Windows NT Server called Microsoft Data Access Components. MDAC: The component that keeps on giving (headaches) Bug identifier: CVE-2006-0003, MS06-014 Description: Vulnerability in MDAC (Microsoft Data Access Components) could allow code execution Alias: MDAC RDS.Dataspace ActiveX bug Date published: April 11, 2006 And we also got a cool new name for an exploit method: drive-by downloads. Upshot: We learned that nothing is sacred, that any file format could be considered hostile. The bug had far-reaching effects, enabling malicious code to be foisted on unsuspecting users and executed in a variety of ways: previewing an e-mail containing the malicious WMF file in Outlook viewing an image preview in Explorer viewing a malicious WMF in certain third-party graphics programs indexing a hard disk that contained a malicious file following a URL link in an e-mail, IM, or on another Web page to a site where the malicious file was embedded in the Web page. But for a long while, unpatched computers running vulnerable versions of gdi32.dll roamed the Internet, slurping up mountains of malware. The aftermath of the discovery followed a familiar pattern.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |