Major Microsoft  Access vulnerability affects US companies

A major component of the Microsoft Office Suite has been discovered to have an extremely concerning vulnerability.

It has been labeled CVE-2019-0560, which is extremely similar to yet another vulnerability (CVE-2019-1463). This older vulnerability was also discovered in Microsoft’s Access database application on December 10, 2019.

What does this vulnerability involve?

The most concerning issue about this vulnerability is that if it is left unpatched, it could leave more than 85,000 companies exposed to a leak of sensitive data.

Unfortunately enough, no current solution has been found for this vulnerability, leaving all of those companies, most of which are from the U.S., to be vulnerable.

Both of these vulnerabilities stem from a common coding error that causes improper management of system memory by an application. If exploited accordingly, it could lead to the unintended disclosure of sensitive or private information.

In simple words, sensitive data is present in a database’s MDB files. Normally, data unintentionally saved into the file could often be valueless content fragments.

However, this may not always be the case, since the data can also be sensitive information such as passwords, certificates, web requests, and domain/user information.

Thus, all that a hacker would need to do to access this information is simply gain access to the MDB files, and search for the information.

With that in mind, users should patch their Microsoft Access database executables as soon as possible.

Do you think your company is among the 85.000 affected? Let us know what you think about this vulnerability in the comment section below.

You can read more about this Microsoft Access vulnerability in Mimecast’s report.

Editor’s Note: If you want to read more about cyber security, check out our wide collection of guides and news reports.