Platform
Managed Security Services
Managed Penetration Testing
Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Resources
March 21, 2023Severity Medium Analysis Summary Rhadamanthys is a type of malware known as a stealer, which is designed to steal sensitive information from infected computers. It was […]March 21, 2023Severity High Analysis Summary The Mirai botnet is a type of malware that infects Internet of Things (IoT) devices, such as routers, security cameras, and other […]March 21, 2023Severity High Analysis Summary LockBit ransomware takes as little as five minutes to deploy the encryption routine on target systems once it lands on the victim […]Threat Insights
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Connect with Us
Platform
Managed Security Services
Managed Penetration Testing
Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Resources
March 21, 2023Severity Medium Analysis Summary Rhadamanthys is a type of malware known as a stealer, which is designed to steal sensitive information from infected computers. It was […]March 21, 2023Severity High Analysis Summary The Mirai botnet is a type of malware that infects Internet of Things (IoT) devices, such as routers, security cameras, and other […]March 21, 2023Severity High Analysis Summary LockBit ransomware takes as little as five minutes to deploy the encryption routine on target systems once it lands on the victim […]Threat Insights
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Connect with Us
British Airways faces Data Breach of 380,000 Accounts
September 18, 2018
Rewterz Threat Advisory – CVE-2018-11763 – Apache HTTP Server SETTINGS Frames Denial of Service Vulnerability
September 26, 2018
A vulnerability has been reported in Microsoft Windows 7, which can be exploited by malicious people to execute remote code on system.
IMPACT: NORMAL
PUBLISH DATE: 25-09-2018
OVERVIEW
A vulnerability in Microsoft Windows JET Database Engine could allow for remote code execution. A number of applications like Microsoft Access, Microsoft Visual Basic, and third-party applications get data access by the JET Database Engine. When this vulnerability is exploited successfully, it lets attackers execute a remote code in the context of the current process and misuse the privileges associated with the process.
It may involve installing programs; viewing, changing or deleting data; or even creating new accounts with full user privileges. Processes configured to have administrative privileges can be more harmful if exploited.
This attack however would require user interaction as it requires the targeted user to visit some malicious page or open a malicious file. The specific flaw exists within the management of indexes in the Jet database engine. Crafted data in a database file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code under the context of the current process.
ANALYSIS
This vulnerability is due to an out-of-bounds write error. Specifically, this issue exists within the management of indexes. When a user is convinced to open a specially crafted Jet data source via OLEDB, this vulnerability can be exploited.
Microsoft has already patched two other issues in the JET this September. The already patched bugs were buffer overflows; however, this additional bug is actually an out-of-bounds write, which can be triggered by opening a Jet data source via OLEDB.
When a user opens a specially crafted file containing data stored in the JET database format, the vulnerability is triggered. This vulnerability may proceed to cause a Denial of Service (DoS).
This crash is yielded by the issue:
AFFECTED PRODUCTS
Microsoft Windows 7
(Note: Only Windows 7 has been confirmed vulnerable but the exploited component is included in all supported versions of Windows, including server editions.)
MITIGATION
No patch for the vulnerability has yet been released. It is expected that Microsoft will soon patch the vulnerability in the upcoming October patch release. Until then, vigilant behavior is the only solution to avoid falling victim to this vulnerability.
Zero Day Initiative also suggests that users should restrict interaction of the application with trusted and confidential files.
If you think you’re the victim of a cyber-attack, immediately send an email to info@rewterz.com.