Eng en

Select Country or Region

Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar

You are here: Threats Vulnerability protection Microsoft Microsoft Data Access Components vulnerability could allow remote code execution

Vulnerability protection

Microsoft Data Access Components vulnerability could allow remote code execution


Report ID: MS201207003
Date Published: 16 July 2012

Criticality: Critical
Compromise Type: remote-code-execution
Compromise From: remote

Affected Product/Component:

Microsoft Data Access Components 2.8 SP1
Microsoft Data Access Components 2.8 SP2
Windows Data Access Components 6.0




Summary

A vulnerability in Microsoft Data Access Components (MDAC) could allow an attacker to execute arbitrary code in the context of a logged-on user.



Detailed Description

Microsoft has released a security update to address a vulnerability in Microsoft Data Access Components (MDAC). The vulnerability was caused by improper processing of XML code, resulting in the access of an uninitialized object in memory.

To fix this issue, a change in the way of handling objects in memory has been introduced through the update. Users are recommended to install this latest update to protect their system from potential exploit attempts.



CVE Reference

CVE-2012-1891



Solution

Install the latest security patch for applicable system, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms12-045)



Source

Microsoft Security Bulletin MS12-045



F-Secure Health Check



Health Check

 
Evaluate your computer's security and see recommended updates for popular programs.

 

Try it

Security Advisories

For a list of known vulnerabilities affecting F-Secure products and the released fixes, please refer to the Security Advisories page.

 

Read F-Secure advisories