Skip to content ↓ | Skip to navigation ↓

Microsoft has announced the discovery of a vulnerability in a Microsoft graphics component that is actively being exploited in targeted attacks using tainted Word documents sent by to victims via email.

Thus far the attacks have been isolated to the Middle East and South Asia, and the exploit requires the target to open the specially crafted Word Doc which contains a malformed graphics image embedded in the document.

“This is yet another TIFF exploit. The TIFF format seems all but irrelevant to end users but, hardly a month which passes without a CVE stemming from TIFF parsing,” said Craig Young, a vulnerability researcher for Tripwire.

This latest zero-day is just another example of why people need to update to newer software versions more frequently, according to Tyler Reguly, technical manager of security research and development at Tripwire.

“Microsoft needs to become more aggressive with their end of life policies. Users should not still be running Office 2003, Office 2007, Windows XP, and Windows Server 2003,” Reguly said. If you removed that software, this zero-day would not exist. If it’s more than 5 years old, it’s probably time to end support.”

Microsoft has released a temporary Fix it workaround that can block the attack by changing the configuration on the computer to prevent the rendering of the vulnerable graphic format, but it does not mitigate the vulnerability itself.

“The Microsoft Fix It may not be viable for a lot of people. TIFF is a popular format and a lot of people may not be able to accomplish their daily work if their computer won’t render graphics properly,” said Reguly.

“Web developers, graphic designers, and those in marketing are just a few examples of people that may be greatly hindered by applying the fixit. It puts people in the difficult situation of preventing a new vulnerability or doing their job, and enterprises that work heavily with graphics may have a difficult time justifying the deployment of this fix,” Reguly said.

Read More Here…