Insecure MDAC 2.x - Forum - Community

Vulnerability Information

Vulnerability Scanning

Community

Blog - new entry!

Corporate Information

Home > Community > Forum > Show thread > Insecure MDAC 2.x

Forum

All Threads

Create New Thread

About

Forum Thread: Insecure MDAC 2.x

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Problems and Questions Regarding 3rd Party Programs

Relating to this vendor:
Microsoft

And, this specific program:
Microsoft Data Access Components (MDAC) 2.x

preemo	Insecure MDAC 2.x
	by preemo on 26th Nov, 2008 21:31
Posts: 2 User Since: 26th Nov, 2008 Secunia System Score: N/A Location: N/A	Hi, Secunia PSI has detected an insecure version of MDAC. I am not sure how to patch/update it. My attempts to update it via the MS website has been unsuccessful. Can you please help? Version Detected: 2.81.1117.0 Installation Path: c:\i386\msadox.dll Thanks Preemo
	Reply Quote

BigDave_39	RE: Insecure MDAC 2.x
	by BigDave_39 on 26th Nov, 2008 21:39
Posts: 175 User Since: 26th Nov, 2008 Secunia System Score: N/A Location: Washington, DC, US	on 26th Nov, 2008 21:31, preemo wrote: Installation Path: c:\i386\msadox.dll You should always update your MDAC as well as everything else on your PC. However, since it is in your "i386" folder, I would believe it should be safe to create an "ignore rule" in the PSI keeping it from showing up. Found this page after searching for the i386 directory on google: http://ask-leo.com/so_just_what_is_the_i386_direct... -- Big Dave
	Reply Quote

pawtricia	RE: Insecure MDAC 2.x
	by pawtricia on 27th Nov, 2008 21:36
Posts: 4 User Since: 27th Nov, 2008 Secunia System Score: N/A Location: N/A	Hi, I am in the same situation. Secunia PSI - Final Version has detected an insecure version of MDAC. I can’t patch my version, Microsoft Data Access Components (MDAC) 2.x Version 2.50.4403.4 Installation Path: C:\Office\FILES\OSP\1033\FILES\PFILES\COMMON\SYSTE M\ADO\MSADOX.DLL but I have another version patched under the patched header. Microsoft Data Access Components (MDAC) 2.x Version 2.81.1132.0 Installation Path: C:\Programfiles\Commonfiles\System\ado\msadox.dll My system is Windows XP Professional SP3 Is it possible that my file is in a backup location or was installed by a third-party program, not Microsoft, and I should ignore it? I also have the same problem with 6 more MS files The following are deemed insecure under: c:\Office\FILES\PFILES\MSOFFICE\OFFICE10 Microsoft Access 2002 10.0.2627.1 Microsoft Excel 2002 10.0.2614.0 Microsoft Frontpage 2002 10.0.2623.0 Microsoft Outlook 2002 10.0.2627.1 Microsoft PowerPoint 2002 10.0.2623.0 Microsoft Word 2002 10.0.2627.0 But I have patched versions under c:\Programfiles\MicrosoftOffice\Office10 MS Access 2002 10.0.6845.0 MS Excel 2002 10.0.6847.0 MS FrontPage 2002 10.0.6845.0 MS Outlook 2002 10.0.6838.0 MS PowerPoint 2002 10.0.6842.0 MS Word 2002 10.0.6846.0 Should these also be ignored? Thank you so much if you can help. Happy Thanksgiving Pawtricia
	Reply Quote

mapych	RE: Insecure MDAC 2.x
	by mapych on 27th Nov, 2008 23:20
Posts: 47 User Since: 27th Nov, 2008 Secunia System Score: N/A Location: N/A	About the MDAC problem, you can take a look at my answer in this thread: http://secunia.com/community/forum/thread/show/624
	Reply Quote

preemo	RE: Insecure MDAC 2.x
	by preemo on 4th Dec, 2008 21:26
Posts: 2 User Since: 26th Nov, 2008 Secunia System Score: N/A Location: N/A	Thanks very much for your help Dave
	Reply Quote