Company

ABOUT ESENTIRE

eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 2000+ organizations in 80+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events.

About Us →

Leadership →

Careers →

Event Calendar →

Newsroom →

EVENT CALENDAR

Apr

Data Connectors St. Louis

May

Milwaukee Cybersecurity Summit

May

RSA Conference

May

Secure360 Conference

Jun

Dallas Technology Summit

View Calendar →

LATEST PRESS RELEASE

Apr 03, 2024

Global Cybersecurity Solutions Provider, eSentire, Launches a New Technology Innovation Center in India

Bengaluru, India – April 4, 2024 – eSentire, Inc., the Authority in Managed Detection and Response (MDR), announced today the opening of its new Technology Innovation Center in India, under the legal entity eSentire India Private Limited. The Innovation Center will extend eSentire’s global…

View Newsroom →

Partners

PARTNER PROGRAM

We provide sophisticated cybersecurity solutions for Managed Security Service Providers (MSSPs), Managed Service Providers (MSPs), and Value-Added Resellers (VARs). Find out why you should partner with eSentire, the Authority in Managed Detection and Response, today.

LEARN MORE →

Apply to become an e3 ecosystem partner with eSentire today.

APPLY NOW →

Speak With A Security Expert Now

TALK TO AN EXPERT

A vulnerability affecting all versions of Windows was publicly released on September 20^th [1]. If exploited, this vulnerability could allow an unauthenticated attacker to perform remote code execution on vulnerable systems. The cause of the vulnerability is found in the Microsoft JET Database Engine, which allows threat actors to perform an out-of-bounds write. There is a medium-high confidence rating that threat actors will act to quickly weaponize this vulnerability as Microsoft has not released a security patch and Proof-of-Concept code has been made publicly available [2].

What we’re doing about it

The eSentire Threat Intelligence team is monitoring this topic for additional information
esRECON will update its vulnerability plugins as updates become available to assist in identifying and remediating this 0-day

What you should do about it

Apply the Microsoft security patch once it has been made available
Conduct user awareness training around phishing and avoiding opening documents from unknown or suspicious sources

Additional information

In an attack scenario, a threat actor would send a maliciously crafted file with data stored in the JET database format or add the malicious document to a compromised website. If the attachment is opened the malicious file will execute [3].The Microsoft JET Database Engine can be exploited due to an issue with index management to cause an out-of-bounds write; this is when data is written past the end or before the beginning of the intended buffer. Out-of-bound writes can result in data corruption, software crashes or code execution.

The Jet Database Remote Code Execution vulnerability was publicly disclosed before security patching due to a 120-day notification deadline not being met. The vulnerability was initially reported to Microsoft on May 8^th and the development of a security patch is reported as ongoing.

References:

[1] (0Day) Microsoft Windows Jet Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability
https://www.zerodayinitiative.com/advisories/ZDI-18-1075/

[2] ZDI-CAN-6135: A REMOTE CODE EXECUTION VULNERABILITY IN THE MICROSOFT WINDOWS JET DATABASE ENGINE
https://github.com/thezdi/PoC/tree/master/ZDI-18-1075

[3] ZDI-CAN-6135: A REMOTE CODE EXECUTION VULNERABILITY IN THE MICROSOFT WINDOWS JET DATABASE ENGINE
https://www.thezdi.com/blog/2018/9/20/zdi-can-6135-a-remote-code-execution-vulnerability-in-the-microsoft-windows-jet-database-engine

ESENTIRE SERVICES

Managed Detection and Response

Digital Forensics and Incident Response

Exposure Management Services

ESENTIRE PLATFORM AND PEOPLE

Extended Detection and Response (XDR)

Security Operations Center (SOC)

Threat Response Unit (TRU)

Cyber Resilience Team

eSentire MDR for Microsoft

USE CASES

Ransomware

Cybersecurity Compliance

Zero Day Attacks

Cloud Misconfiguration

Third-Party Risk

Do More With Less

Cyber Risk

Cyber Insurance

Sensitive Data Security

INDUSTRIES

Insurance

Construction

Finance

Legal

Manufacturing

Private Equity

Healthcare

Retail

Food Supply

Government and Education

24/7 MDR SIGNALS

Network

Endpoint

Log

Cloud

Insider Threat

MDR Pricing

From The Blog

Building an Effective Threat Hunting Program for Proactive Cyber Defense

Don't Take the Bait: The XWorm Tax Scam

SolarMarker's Shift to PyInstaller Tactics

Resources

Case Studies

TRU Intelligence Center

Cybersecurity Tools

Videos

Reports

Webinars

Data Sheets

Real vs. Fake MDR

Blogs

Security Advisories

SECURITY ADVISORIES

Update: Zero-Day Vulnerability Impacts Palo Alto (CVE-2024-3400)

Zero-Day Vulnerability Impacts Palo Alto (CVE-2024-3400)

ABOUT ESENTIRE

About Us →

Leadership →

Careers →

Event Calendar →

Newsroom →

EVENT CALENDAR

Data Connectors St. Louis

Milwaukee Cybersecurity Summit

RSA Conference

Secure360 Conference

Dallas Technology Summit

LATEST PRESS RELEASE

Global Cybersecurity Solutions Provider, eSentire, Launches a New Technology Innovation Center in India

PARTNER PROGRAM

Search our site

Quick Links

Multi-Signal Managed Detection and Response

24/7 Global Security Operations Centers

eSentire MDR Pricing

Cybersecurity Tools

TRU Intelligence Center

Case Studies and Customer Testimonials

Get Started →

The Proven Choice for
Managed Detection and Response

Sales and
Customer Support