Jump to content

Community Zone
Recent Forum Topics
MSFN Guides
Mobile News

MSFN Recommend
AskVG.com Bink Filehorse FreewareFiles Where unprofessional journalism looks better OSNN The Windows Club WinBeta lunarsoft
MSFN Statistics

Windows News
Microsoft warns of zero-day attack, graphics vulnerability exploited through Word

Do you still have images enabled in Outlook? If so, then right now is a great time to disable pictures since there's a new Microsoft zero-day vulnerability. The newest exploit combines multiple techniques to bypass DEP [data execution prevention] and ASLR [address space layout randomization] protections. The graphics vulnerability exploited through Word, according to Microsoft, deals with the way TIFF image files are handled; when exploited, it allows code hidden in an image to run. The security advisory warns the attack affects Office 2003, 2007, 2010, Windows Server 2008, Microsoft Lync as well as Windows Vista. If you're still using Windows Vista, then I don't know what to say other than so sorry and it sucks to be you. Luckily, Microsoft issued a temporary work-around "Fix-It" tool.
Although Dustin Childs, group manager of response communications for Microsoft Trustworthy Computing, reported, "We are aware of targeted attacks, largely in the Middle East and South Asia," Security Advisory 2896666 makes it sound more dire. It (CVE-2013-3906) states:
Microsoft is investigating private reports of a vulnerability in the Microsoft Graphics component that affects Microsoft Windows, Microsoft Office, and Microsoft Lync. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability in Microsoft Office products.
The vulnerability is a remote code execution vulnerability that exists in the way affected components handle specially crafted TIFF images. An attacker could exploit this vulnerability by convincing a user to preview or open a specially crafted email message, open a specially crafted file, or browse specially crafted web content. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

More @ NetworkWorldhttp://www.networkwo...ity/node/84189?