Critical Vulnerability Discovered in Microsoft Data Access Components
( Microsoft Security Bulletin MS11-057, CVE-2011-1975 )
Summary
A critical insecure library loading vulnerability has been reported in Microsoft Data Access Components. A remote attacker could exploit this vulnerability to take complete control of the affected system.
Details
Microsoft Data Access Components provides a number of supporting technologies for accessing and using databases.
The vulnerability is due to the improper way in which the Data Access Components handle the loading of "DLL" library files. A remote attacker could trigger this vulnerability by enticing a victim to accept and open a Microsoft Excel-related file (e.g. .xlsx) on a remote SMB or WebDAV folder. Successful exploitation of this vulnerability may allow an attacker to take complete control of the affected system.
Affected Products
The following products have this vulnerability:
- Windows 7 for 32-bit Systems original release and SP1
- Windows 7 for x64-based Systems original release and SP1
- Windows Server 2008 R2 for x64-based Systems original release and SP1
- Windows Server 2008 R2 for Itanium-based Systems original release and SP1
Solution
Check Point's IPS Software Blade and SmartDefense provide network protection against this vulnerability in by detecting and blocking the transferal of suspicious DLL files over CIFS and WebDAV. For more information see CPAI-2011-360.
Originally Published:
Last Updated: 09-Aug-2011