Usually when we hear about severe security problems in Office, we hear it from independent companies. Not today, however, as Microsoft has recently published an advisory regarding Access due to a vulnerability being discovered. The vulnerability can lead to arbitrary code execution which, of course, can lead to system compromise. The flaw is inside a particular ActiveX control, and can be exploited by something as simple as a compromised web page.

The flaw affects Access 2000, 2002 and 2003, but does not affect the latest version, Access 2007. It also affects the standalone program Snapshot Viewer. Disabling ActiveX inside IE can prevent compromise, or, as Microsoft would which rather you do, updating to Access 2007.