Online criminals are exploiting a flaw in the Microsoft Office Access database to install unauthorized software on computers, the United States Computer Emergency Readiness Team (US-CERT) warned Monday.
In its brief warning, US-CERT offered few details on the attack, saying simply that the organization is "aware of active exploitation" of the problem by criminals who have sent specially crafted Microsoft Access Database (.mdb) files to victims.
These files are "designed for the sole purpose of executing commands," so they should not be accepted from untrusted sources, Microsoft said in a note on its Web site.
|