Thanks for the reply...What you are saying is completely solid, Jet Database error reporting can be configured to not display this behavior. After testing is complete I have every intention of turning it off, it is a HUGH security risk by giving way to much info. After reading your reply I rewrote my code to trap all errors (Including looking for nonexistant objects) not just the one's I was expecting. That was really good advice, thank you...

Even though my routine is secure by catching the behavior I mentioned in my previous post, It still happens and I'm curious why? I'd really like to find some info on 'Microsoft JET Database code injection'. I know there are major differences between injection methods for SQL and JET,
but can't seem to find any references.