Microsoft Data Access Components vulnerability could allow remote code execution
Report ID: MS201207003
Date Published: 16 July 2012
Compromise Type: remote-code-execution
Compromise From: remote
Microsoft Data Access Components 2.8 SP1
Microsoft Data Access Components 2.8 SP2
Windows Data Access Components 6.0
A vulnerability in Microsoft Data Access Components (MDAC) could allow an attacker to execute arbitrary code in the context of a logged-on user.
Microsoft has released a security update to address a vulnerability in Microsoft Data Access Components (MDAC). The vulnerability was caused by improper processing of XML code, resulting in the access of an uninitialized object in memory.
To fix this issue, a change in the way of handling objects in memory has been introduced through the update. Users are recommended to install this latest update to protect their system from potential exploit attempts.
Install the latest security patch for applicable system, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms12-045)