New Trojan exploits Microsoft's Jet Database Engine

By Derek Sooman on
Malware writers have created a Trojan which uses an unpatched vulnerability in Microsoft Office to take over Windows PCs. Known as the Hesive Trojan, the malware is disguised as a Microsoft Access file. Once you are stupid enough to open such a file, malware takes advantage of a five-month old buffer overflow flaw in Microsoft's Jet Database Engine software to seize control of vulnerable machines.

In a statement sent via email on Friday, a company representative said: "Microsoft is aware that a Trojan recently released into the wild may be exploiting a publicly reported vulnerability in Microsoft Office." The software maker is investigating the issue and will take "appropriate action", the representative said.

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.