Remote code execution in Microsoft JET Database Engine
Lucas Leong (Trend Micro), a participant in the Zero Day Initiative, has disclosed details of a critical vulnerability in Windows that allows remote execution of arbitrary code in the context of the current process. Successful exploitation requires user interaction: the user must open a malicious file or click on a link.
PoC. This vulnerability affects the entire line of modern operating systems from Microsoft: Windows ? Windows 8.? Windows 1? and Windows Server Edition 2008 to 2016.
A curious fact: the details of the vulnerability were provided to Microsoft on May ? on May 1? Microsoft confirmed the presence of the bug. In line with ZDI policy, the vulnerability was published after a 120-day wait (4 months). Microsoft is currently preparing a fix, which will presumably be included in the planned October updates.
Attackers can use this vulnerability very successfully in phishing attacks, as an APT attack vector, and in watering hole attacks. Until a patch is released, it is recommended to apply policies that restrict file use to trusted files.