Another Access memory leak finally patched


Office for Mere Mortals
Your beginners guide to the secrets of Microsoft Office
Invalid email address
Tips and help for Word, Excel, PowerPoint and Outlook from Microsoft Office experts.  Give it a try. You can unsubscribe at any time.  Office for Mere Mortals has been running for over 20 years, we've never, ever revealed or sold subscriber details.  Privacy policy

The second Access memory leak has finally been patched by Microsoft, almost a year after a very similar problem was discovered. These bugs have been around since 2002 and the effects are still in some Access files.

Both are faults in the way Access saves data to memory locations in ways that hackers could exploit. Those memory chunks are usually useless but could contain private information likes names, passwords etc.  Anything saved to memory could get dumped into an Access database or as Microsoft puts it “compromise of the confidentiality, integrity, or availability of a user’s data, or of the integrity or availability of processing resources.”

another access memory leak finally patched microsoft office 33866 - Another Access memory leak finally patched

Back in January 2019, Microsoft patched CVE-2019-0560 an Access memory leak bug where the parts of memory are saved in documents.

Then in December 2019, it was a similar problem patched CVE-2019-0560.  This time called ‘MDB leaker’.

With MDB leaker, Access saves random chunks of memory to MDB files.  A hacker could scan MDB files on a computer looking for any useful info that should not be there in the first place.

The Good News

If you’ve been updating Office 365, Office 2016, Office 2013 or Office 2010 regularly there’s no ongoing problem.

Happily, there’s no reports of either exploit being used ‘in the wild’.

The Bad News

Only Office 2010 and later have been fixed. Mimecast suggest these memory leaks have been in Access since 2002 (Office XP).

Any Access files that were last saved before the security patches will have unwanted memory blocks in them. Any older MDB need to be opened and saved by a patched Office to make sure there’s no unwanted extras.

That’s not good however keep in mind that the memory objects saved in the MDB’s are random.  You’d have to be very unlucky to have something exploitable stored.  In other words, balance the time, trouble & cost of finding and saving old MDB files against the relatively low risk.

Both these bugs weren’t found by Microsoft, it was Mimecast who did the ‘hard yards’ in both cases.

It’s disappointing that Microsoft didn’t dig deeper after being told of the first Access memory leak bug.  If they’d done that, the company should have found the similar bug and fixed it too.

Office documents had unexplained memory objects saved in them?  Didn’t someone at Microsoft notice these strays in their files over 15+ years?

subs profile e1563205311409 - Another Access memory leak finally patched
Latest news & secrets of Microsoft Office

Microsoft Office experts give you tips and help for Word, Excel, PowerPoint and Outlook.

Give it a try. You can unsubscribe at any time.  Office Watch has been running for over 20 years, we've never, ever revealed or sold subscriber details.  Privacy policy
Invalid email address