Unpatched Zero Day Graphics Vulnerability (11/5/2013)

A current, unpatched zero-day exploit is circulating that takes advantage of TIFF vulnerabilities in Windows graphics components. There are reports, and Microsoft has acknowledged, that this vulnerability is already being exploited in the wild via infected Word documents (details below). No security patch is available for this vulnerability, but Microsoft does have a Fix It solution that turns off TIFF display:

https://support.microsoft.com/kb/2896666

Note that users who need to display TIFFs in their workflow should not have this Fix It installed, but should take extra care when browsing the Internet.

The exploits seen in the wild arrive in an email that entices users to open a specially crafted Word attachment or a specially crafted web page. Our end users are advised, as always, not to open unsolicited e-mail messages, and not to click on attached files or web links, especially those from unrecognized or suspicious origins.

LSPs and administrators are advised to monitor communications from Microsoft in the coming days for a software patch/update to mitigate this threat.

For technical reference:

https://isc.sans.edu/forums/diary/TIFF+images+in+MS-Office+documents+use...
http://blogs.technet.com/b/srd/archive/2013/11/05/cve-2013-3906-a-graphi...

Date Posted: November 5, 2013 Tags: Information Security and Privacy
