New Microsoft 0-day vulnerability under attack
Posted on 06 November 2013.
Microsoft has released security advisory KB2896666 informing of a vulnerability (CVE-2013-3906) in the TIFF graphics format that is seeing limited attacks in the Middle East and South Asia.

The vulnerability is present in Microsoft Office 2003, 2007 and 2010 and in some of the older Windows operating systems. The currently observed attack vector is through Microsoft Word documents. Microsoft has provided a Fix-It that turns off TIFF rendering in the affected graphics library, which should have no impact if you are not working with TIFF format files on a regular basis.

The listed software packages are not vulnerable under all conditions, so it is important that you take a look at your installed base and your possible exposure over the next couple of weeks, into December. Given how close the next Patch Tuesday for November is, we don't believe that we can count on a patch arriving in time; we will probably have to wait until December, which makes your planning for a work-around even more important.

Microsoft's proactive security toolkit EMET (Enhanced Mitigation Experience Toolkit) prevents the attack from executing, as do some of the Office 2010 security measures, such as Protective Mode. Microsoft has provided more information in this blog post on their SRD Blog.

McAfee has published a blog post providing more details about the attack vector through Office and how it manifests on the attacked machine.

Author: Wolfgang Kandek, CTO, Qualys.

