Another Zero day exploit

Started by Gary, Nov 08, 2013, 17:16:04

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

Gary

Nov 08, 2013, 17:16:04
Hackers have seized on the zero-day vulnerability, starring a buggy Microsoft graphics component, to run attacks featuring malicious Word documents.The vulnerability (CVE-2013-3906) involves the processing of TIFF graphics format files and is present in Microsoft Office 2003, 2007 and 2010 and some of the older Windows Operating Systems.

The one bit of good news is that Microsoft has already released a temporary Fix it that blocks the attack. The temporary workaround doesn't address the root cause of the vulnerability, as Microsoft itself is up-front in admitting. The fix simply blocks rendering of the vulnerable graphic format that can trigger the bug. More details and link to temp fix here http://www.theregister.co.uk/2013/11/08/ms_0day_widely_abused/
Damned, if you do damned if you don't
Print
Go Up Pages1
User actions