Active Members akkiliON Posted November 7, 2013 Active Members Report Share Posted November 7, 2013 Microsoft has issued a temporary fix for a 0day vulnerability that can be exploited to install malware via infected Word documents.A Zero-day Remote Code Execution flaw, which has been dubbed CVE-2013-3906 , exploits a vulnerability in a Microsoft graphics component, to target Microsoft Office users running Windows Vista and Windows Server 2008."The vulnerability is a remote code execution vulnerability that exists in the way affected components handle specially crafted TIFF images," it said in the post. Vulnerability was reported to Microsoft by McAfee Labs senior security researcher Haifei Li. A successful infection can give an attacker complete control over a system. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.Currently the company is only aware of targeted attacks mostly in the Middle East and South Asia, with attackers sending unsuspecting victims crafted Word documents with a tainted attachment.An attacker could exploit this vulnerability by convincing a user to preview or open a specially crafted email message, open a specially crafted file, or browse specially crafted web content.According to Microsoft, the exploit combines multiple techniques to bypass exploit mitigation techniques such as ASLR (DEP) and address space layout randomization (ASLR). The affected products are:Windows Vista x86, x64Windows Server 2008 x86, x64, Itanium, Server CoreMicrosoft Office 2003Microsoft Office 2007Microsoft Office 2010 x86, x64Microsoft Office Compatibility PackMicrosoft Lync 2010 x86, x64Microsoft Lync 2010 AttendeeMicrosoft Lync 2013 x86, x64Windows 7 and 8 and Office 2013 and Office 365 are not affected.Microsoft released a temporary 'Fix It' workaround that could block the attack by blocking rendering of the vulnerable TIFF graphic format by way of a registry key.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Gdiplus\DisableTIFFCodec = 1The Enhanced Mitigation Experience Toolkit (EMET) helps mitigate the exploitation of this vulnerability by adding additional protection layers that make the vulnerability harder to exploit.CVE-2013-3906 : Zero Day Vulnerability in Microsoft Graphics Component - The Hacker News 1 Quote Link to comment Share on other sites More sharing options...
Nytro Posted November 7, 2013 Report Share Posted November 7, 2013 Da, nu e niciun site de cacat spart, nu e interesant... </ironic> Quote Link to comment Share on other sites More sharing options...