logo

Microsoft Data Access Components (MDAC) Vulnerability Report

4 Pages1091 Words417 Views
   

Added on  2019-09-19

Microsoft Data Access Components (MDAC) Vulnerability Report

   Added on 2019-09-19

ShareRelated Documents
Table of ContentsExecutive Summary..................................................................................................................1Technical description................................................................................................................1Attack Vector........................................................................................................................1Mitigation..............................................................................................................................2Remediation..........................................................................................................................3Exploitation Scenario...........................................................................................................3Executive SummaryA vulnerability was discovered in the first quarter of 2006. The vulnerability was found in theMicrosoft Data Access Components or MDAC. This vulnerability was privately reported toMicrosoft and much of the details surrounding it did not see much publication surrounding it.Microsoft designated this vulnerability as critical and immediately started working on thesolution. The vulnerability allows an attacker to execute code remotely and gain access to the
Microsoft Data Access Components (MDAC) Vulnerability Report_1
computer [1]. This paper talks about the vulnerability and then proceeds to talk about theAttack Vector. The exploitation scenario will be detailed and will then talk about mitigatingthe vulnerability as well as possible remediation techniques.Technical description Attack VectorThis vulnerability existed in the Microsoft Data Access Components or MDAC that allowedremote attackers to execute code remotely. The affected systems include Microsoft 98,Millennium Edition, Microsoft XP, 2000 as well as Windows Server 2003. However,Microsoft rated impact severity of Windows Server 2003 as ‘moderate’ instead of ‘critical’compared to others [5]. In poorly written application that supports MDAC, it would allowattackers to execute code remotely and exploit this vulnerability fully. If a user is logged inwith Administrator rights in these operating systems, then an attacker who exploited thisvulnerability successfully would completely be able to take control of the system. He couldinstall programs, change or view data or even delete data and create other accounts amongwith a host of other activities [2]. Users whose accounts are configured with less rights maybe less affected than with users with more rights. MitigationThe following mitigation factors could be utilized by a user who is at the risk of beingaffected by this vulnerability : Internet Explorer Enhanced Security Configuration reduces the risk of thisvulnerability significantly. In order to accomplish this, one needs to follow thefollowing steps : oSetting the security level of Internet zone to ‘High’. This setting disablesActiveX, Microsoft Java VM and other scripts as well as file downloads.oDisabling automatic detection of Intranet sites. In this case, all the intranetsites that are not explicitly listed in a separate local zone are marked asInternet zone sites.oDisable Non-Microsoft browser extensions as well as on-demand browserextensions. It also prevents web pages to automatically installing components.oLastly, the Multimedia content can also be disabled to further prevent thisvulnerability from happening [3].
Microsoft Data Access Components (MDAC) Vulnerability Report_2

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Microsoft Data Access Components Vulnerability Report
|5
|801
|430

NET Framework and Vulnerabilities Assignment
|4
|979
|271

Windows RPC Vulnerability CVE-2008-4250: Technical Description, Attack Vectors, and Mitigation
|5
|927
|426

CRYPTOGRAPHY AND SECURITY VULNERABILITIES OF SYSTEMS
|12
|794
|21

EternalBlue: A Security Reference Code for MS17-010
|4
|977
|221

Exploiting the Eternal Blue Vulnerability (CVE-2017-0144) in SMB
|8
|1879
|487