DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!
   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
DarkVision Hardware - Daily tech news
July 23, 2019 
Main Menu
News archives

Who's Online
There are currently 164 people online.


Latest Reviews
Ewin Racing Flash gaming chair
Arctic BioniX F120 and F140 fans
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset

Follow us

Microsoft warns for .tiff vulnerability in older software

Posted on Wednesday, November 06 2013 @ 11:51:25 CET by

Microsoft logo
Microsoft send out a warning that they've discovered a new attack that exploits a vulnerability that can be exploited using specially crafted .tiff image files. The vulnerability is only present in an older branch of GDI+ libraries used by Windows Vista, Windows Server 2008, Office 2003 to Office 2010, and all versions of Lync. Other software isn't impacted by this vulnerability.
Today we released Security Advisory 2896666 regarding an issue that affects customers using Microsoft Windows Vista and Windows Server 2008, Microsoft Office 2003 through 2010, and all supported versions of Microsoft Lync. We are aware of targeted attacks, largely in the Middle East and South Asia. The current versions of Microsoft Windows and Office are not affected by this issue. The exploit requires user interaction as the attack is disguised as an email requesting potential targets to open a specially crafted Word attachment. If the attachment is opened or previewed, it attempts to exploit the vulnerability using a malformed graphics image embedded in the document. An attacker who successfully exploited the vulnerability could gain the same user rights as the logged on user.
Microsoft is working on a security update, in the meantime they offer a temporary fix that completely disables the tiff codec. You can find it over here.



DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2019 DM Media Group bvba