I rarely use this blog to announce bugs in Microsoft products, but there’s a new one out there, and it’s really nasty. It uses Word 2000, 2002, 2003, and 2007 to call up a weakness in jet.dll:
Last week… Symantec researchers analyzed an exploit that circumvented the .mdb file format blocking in Outlook by simply renaming the file to a format the e-mail client accepted. “In fact, it is possible to call msjet40.dll directly from Word, without using Access at all,” claimed Symantec’s Florio in a Thursday post. “In this attack, the .doc file uses mail-merge functionalities to import an external data source file, and so it effectively forces Jet to load the malicious Access sample.”
Windows Vista and Windows Server 2003 SP2 are immune to this attack, as they use a different version of jet.dll. Microsoft is working on a patch, but in the meantime they “strongly suggest” that admins disable Jet or block .mdb attachments at the gateway.
Read more about it here.