Wednesday | 8 October, 2008
CIO
Microsoft warns of new Access attack
Microsoft is warning of active attacks that leverage a bug in its Snapshot Viewer for Access ActiveX control.
Robert McMillan (IDG News Service) 08 July, 2008 08:20:42

Related Topics
Additional Resources
Executive Guides
Whitepapers
white paper Read up on the latest ideas and technologies from companies that sell hardware, software and services.

Newsletter Subscription

Sign up for our CIO newsletters!
Weekly coverage of the issues that impact corporate and government information
RSS Feeds

Cybercriminals are exploiting a bug in software used by Microsoft's Access database program in a new online attack, Microsoft warned Monday.

The flaw lies in the Snapshot Viewer ActiveX control, which ships with "all supported versions of Microsoft Office Access except Microsoft Access 2007," Microsoft said in a security advisory, published Monday.

Microsoft released few details of how the bug is actually being exploited, but said that it is investigating an ongoing computer attack that takes advantage of the problem. "The attack appears to be targeted, and not widespread," wrote Bill Sisk, a Microsoft spokesman, in a blog posting.

Attackers are trying to lure victims to a specially crafted Web page that tries to run the attack code within Internet Explorer. The bug gives attackers a way to run their malicious software on the victim's machine.

Microsoft's Security Advisory offers a number of possible work-arounds for the problem, but the company has not said when it plans to fix the underlying bug.

"We encourage affected customers to implement the manual work-arounds included in the Advisory, which Microsoft has tested," Sisk said. "Although these work-arounds will not correct the underlying vulnerability, they help block known attack vectors."

Snapshot Viewer lets PC users view a Microsoft Access report without having to run the Access software itself. It can be downloaded as stand-alone software.

Market Place
Cut Printer costs! Printing costs can be up to 3% of turnover, cut them by up to 50%.
Reduce TCO for SAP with Linux. Get the white paper that proves your Linux is SAP ready.
Uncover the security challenges faced when defining and implementing security mechanisms within wired and wireless network environments.
21 October 2008 Live webinar: Learn how to orchestrate activities between a request management process and HP/Mercury/Quality Centre
Webcast: How to get the best out of your network featuring expert analysts, to view now click here
New white paper | Improving Sales Productivity: An Opportunity for Sales and IT Leadership | Download now
CRM Webcast: Learn how to find a CRM solution that fits into your existing business environment. Tune in now.
Computerworld SOA Summit: Improve your margins and eliminate inefficiencies. Register now | 17th October 2008
 

Smart SOA World Tour

Discover how SOA can create smarter outcomes for your business.

Attend and learn:

  • How SOA is helping leading companies to become more agile
  • Where you should be applying SOA processes in your company
  • The top SOA implementation mistakes to avoid

Click here for more information.
  • +

    CIO Live Podcast #79: Brent D Taylor, author of The Outsider's Edge: The Making of Self-Made Billionaires Part II 05 October, 2007 06:00:00

    For his new book, The Outsider's Edge: The Making of Self-Made Billionaires, social researcher Brent D Taylor spent four years of intensive research investigating the psychological make-up and backgrounds of some of the world's richest men and women, including IT luminaries Bill Gates, Larry Ellison and Steve Jobs. Taylor discovered that, despite working in different industries and coming from different upbringings, they all have one thing in common -- they are all outsiders.
    [ MP3 (7.32 MB) | Windows Media (5.67 MB) ]
  • +

    CIO Live Podcast #78: Brent D Taylor, author of The Outsider's Edge: The Making of Self-Made Billionaires 28 September, 2007 17:34:25

    For his new book, The Outsider's Edge: The Making of Self-Made Billionaires, social researcher Brent D Taylor spent four years of intensive research investigating the psychological make-up and backgrounds of some of the world's richest men and women, including IT luminaries Bill Gates, Larry Ellison and Steve Jobs. Taylor discovered that, despite working in different industries and coming from different upbringings, they all have one thing in common -- they are all outsiders.
    [ MP3 (7.56 MB) | Windows Media (5.14 MB) ]
  • +

    CIO Live Podcast #77: Panasonic Speeds Up Trans-Pacific File Transfers, Part III 21 September, 2007 07:00:00

    Part three in our three-part special report from CIO's sister publication Network World in the US, as Paul Desmond reports from the Network World IT Roadmap Conference in Santa Clara, California. With development teams in the US and Japan, Panasonic needed a more efficient way to move very large files between the two locations. Iben Rodriguez, IT consultant for Panasonic Research and Development, explains how a storage-area network and virtual server technology helped speed up WAN performance.
    [ MP3 (4.90 MB) | Windows Media (4.40 MB) ]
  • +

    CIO Live Podcast #76: Panasonic Speeds Up Trans-Pacific File Transfers, Part II 14 September, 2007 07:00:00

    Part two in our three-part special report from CIO's sister publication Network World in the US, as Paul Desmond reports from the Network World IT Roadmap Conference in Santa Clara, California. With development teams in the US and Japan, Panasonic needed a more efficient way to move very large files between the two locations. Iben Rodriguez, IT consultant for Panasonic Research and Development, explains how a storage-area network and virtual server technology helped speed up WAN performance.
    [ MP3 (5.89 MB) | Windows Media (4.84 MB) ]
  • +

    CIO Live Podcast #75: Panasonic Speeds Up Trans-Pacific File Transfers, Part I 07 September, 2007 07:00:05

    Part one in our three-part special report from CIO's sister publication Network World in the US, as Paul Desmond reports from the Network World IT Roadmap Conference in Santa Clara, California. With development teams in the US and Japan, Panasonic needed a more efficient way to move very large files between the two locations. Iben Rodriguez, IT consultant for Panasonic Research and Development, explains how a storage-area network and virtual server technology helped speed up WAN performance.
    [ MP3 (6.41 MB) | Windows Media (5.13 MB) ]
  • +

    Google blacklists ATUG Web site 07 October, 2008 12:46:00

    ATUG unaware of breach, Google unwilling to discuss details
    Hackers may have hit the Australian Telecommunications User Group (ATUG) Web site, according to Google which has placed security threat warnings across all pages displayed in searches.
  • +

    Can security's human side stop data breaches? 07 October, 2008 14:29:00

    As human error increasingly becomes the top reason for security breaches, behavior-based strategies are making their way into the workplace to supplement technology
    Shira Rubinoff was a practicing psychologist in 2004. When it came to technology, her experience was simply as a tech user, certainly not a tech guru. Then one day she was phished.
  • +

    10 steps to loading dock security 07 October, 2008 11:30:00

    Companies in all industries struggle to secure the loading dock, that sensitive spot where goods come in and go out. Follow these best practices and sleep better tonight.
    It's the stuff of CSO nightmares. Early on the morning of September 2, while most folks were home sleeping off the hot dogs, thieves used bolt cutters to break into an Alltel Communications warehouse and four of its loading docks in Fort Smith, Ark. Sources say they escaped with an estimated US$10 million worth of cell phones, not a bad haul for their Labor Day efforts.
  • +

    Corporate security and the climate crisis 03 October, 2008 11:21:00

    How to adapt security and risk management policies - including IT security - to deal with climate change.
    US military strategists, CIA analysts, international agency officials and Nobel Prize winning economists concur with the consensus of the world's scientific community: the Climate Crisis is a planetary security issue, as well as a national security issue for each of the one hundred ninety two countries that belong to the United Nations. But the Climate Crisis is also, by extension, a corporate security issue, as well as, yes, a cyber security issue.
  • +

    Companies own up to virtual security blind spot 02 October, 2008 11:05:00

    VMWorld attendees reveal vast majority of companies have little or no security in place for their virtual systems.
    The vast majority of companies have little or no security in place for their virtual systems. That is a scary statistic revealed in a survey of attendees at the recent VMWorld 2008 conference in Las Vegas.
CIO Webcast Innovation #8 - What are the biggest roadblocks to IT's involvement in innovation at your company?
Watch the latest latest edition of CIO Innovation which is now available for download.
Watch the webcast
Sign up to the CIO Innovation update email


CIO Live Podcast #79: Brent D Taylor, author of The Outsider's Edge: The Making of Self-Made Billionaires Part II
Listen to the latest edition of CIO Live which is now available for download.
Listen to the podcast
Sign up to the CIO Live email
Get a job Careerone
Whitepaper
Enterprise Wireless WLAN Security

Read Whitepaper

Enterprise Wireless WLAN Security

Learn more about the security challenges to be faced when defining and implementing security mechanisms within diverse wired and wireless network environments. Download this must-read guide to plan your wireless data protection strategy now.

Sponsored Links