Posted on Wednesday, November 06 2013 @ 11:51 CET by Thomas De Maesschalck
Microsoft send out a warning that they've discovered a new attack that exploits a vulnerability that can be exploited using specially crafted .tiff image files. The vulnerability is only present in an older branch of GDI+ libraries used by Windows Vista, Windows Server 2008, Office 2003 to Office 2010, and all versions of Lync. Other software isn't impacted by this vulnerability.
Today we released Security Advisory 2896666 regarding an issue that affects customers using Microsoft Windows Vista and Windows Server 2008, Microsoft Office 2003 through 2010, and all supported versions of Microsoft Lync. We are aware of targeted attacks, largely in the Middle East and South Asia. The current versions of Microsoft Windows and Office are not affected by this issue. The exploit requires user interaction as the attack is disguised as an email requesting potential targets to open a specially crafted Word attachment. If the attachment is opened or previewed, it attempts to exploit the vulnerability using a malformed graphics image embedded in the document. An attacker who successfully exploited the vulnerability could gain the same user rights as the logged on user.
Microsoft is working on a security update, in the meantime they offer a temporary fix that completely disables the tiff codec. You can find it
over here.
