Vulnerability in Microsoft Data Assignment

Added on - 20 Sep 2019

  • 5

    Pages

  • 801

    Words

  • 156

    Views

  • 0

    Downloads

Trusted by +2 million users,
1000+ happy students everyday
Showing pages 1 to 2 of 5 pages
Table of ContentsExecutive Summary............................................................................................................1Technical description.........................................................................................................1Attack Vector...............................................................................................................................1Mitigation....................................................................................................................................2Remediation.................................................................................................................................3Exploitation Scenario...................................................................................................................3Executive Summary
A vulnerability was discovered in the first quarter of 2006. The vulnerability was found in theMicrosoft Data Access Components or MDAC. This vulnerability was privately reported toMicrosoft and much of the details surrounding it did not see much publication surrounding it.Microsoft designated this vulnerability as critical and immediately started working on thesolution. The vulnerability allows an attacker to execute code remotely and gain access to thecomputer. This paper talks about the vulnerability and then proceeds to talk about the AttackVector. The exploitation scenario will be detailed and will then talk about mitigating thevulnerability as well as possible remediation techniques.Technical descriptionAttack VectorThis vulnerability existed in the Microsoft Data Access Components or MDAC that allowedremote attackers to execute code remotely. The affected systems include Microsoft 98,Millennium Edition, Microsoft XP, 2000 as well as Windows Server 2003. However,Microsoft rated impact severity of Windows Server 2003 as ‘moderate’ instead of ‘critical’compared to others. In poorly written application that supports MDAC, it would allowattackers to execute code remotely and exploit this vulnerability fully. If a user is logged inwith Administrator rights in these operating systems, then an attacker who exploited thisvulnerability successfully would completely be able to take control of the system. He couldinstall programs, change or view data or even delete data and create other accounts amongwith a host of other activities. Users whose accounts are configured with less rights may beless affected than with users with more rights.
desklib-logo
You’re reading a preview
Preview Documents

To View Complete Document

Click the button to download
Subscribe to our plans

Download This Document