Researchers recently released a notification announcing a flaw in Access, a database management system by Microsoft. Mimecast Research Labs revealed that if the vulnerability remains unaddressed, it can compromise the security of around 85,000 companies. As of this writing, no company has been affected.
Identified by the Mimecast team, Microsoft Access’s security weakness, called the MDB Leaker, could enable potential attackers to access and leak sensitive data. According to the report, the flaw was discovered on December 10, 2019.
This threat has the potential to affect thousands of companies. Around 60% of these are in the United States.
The Lab noted that the Access security risk is similar to the Microsoft Office vulnerability, which was discovered back in January 2019. They share a common coding error, which can lead to “the improper management of system memory by an application.”
The MDB Leaker “[caused] the content of uninitiated memory elements to be saved into every file.” Fortune explained that this error causes applications to “randomly save pieces of data called memory elements into every file.”
This means that the info saved in such files can be fragmented, thus, considered useless. However, there are cases in which sensitive info is included such as usernames, passwords, and other sensitive data.
Mimecast noted that the report is considered false positive, which led to the discovery of the vulnerability. Just like in the Office flaw, the Access error started as a false positive.
In an elaboration of the issue, it was revealed that Lab researchers flagged a false positive using static file analysis. They found that the culprit is merely a “data-only file type” or a Microsoft Access MDB file. However, the experts believed that the cause of the false positive is an improperly managed system memory.
The researchers also noted that this issue has occurred in a previous version of the database software.
Meanwhile, Microsoft has also disclosed the vulnerability on its website. It was labeled CVE-2019-1463 or Microsoft Access Information Disclosure Vulnerability. The company also acknowledged that a hacker could use this to exploit victims. However, the randomness of the contents of the MDB files requires attackers to be thorough and patient.
In the firm’s assessment, the flaw is less likely to be exploited. Nevertheless, Mimecast recommended the use of an email security system that has advanced malware detection functions. Regular monitoring and installing patches were also recommended. Lastly, monitoring of network traffic and continuous updating are deemed valuable.
