Like Tree1Likes
  • 1 Post By hackerman1

Thread: 0-day Vulnerability in Microsoft Graphics Component !

  1. #1
    hackerman1 is offline Senior Member
    Join Date
    Dec 2008
    Location
    Sweden
    Posts
    1,525

    Default 0-day Vulnerability in Microsoft Graphics Component !

    Hi !

    "Microsoft Security Advisory (2896666)
    Vulnerability in Microsoft Graphics Component Could Allow Remote Code Execution

    Published: Tuesday, November 05, 2013

    Microsoft is investigating private reports of a vulnerability in the Microsoft Graphics component that affects Microsoft Windows, Microsoft Office, and Microsoft Lync. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability in Microsoft Office products.

    The vulnerability is a remote code execution vulnerability that exists in the way affected components handle specially crafted TIFF images.
    "
    A temporary and easy fix is a simple reg-hack, which took 1 minute....
    But then you can´t view any TIFF-images....

    A better solution is to install EMET:
    "Deploy the Enhanced Mitigation Experience Toolkit

    The Enhanced Mitigation Experience Toolkit (EMET) helps mitigate the exploitation of this vulnerability by adding additional protection layers that make the vulnerability harder to exploit. EMET 4.0 is officially supported by Microsoft. At this time, EMET is only available in the English language. For more information, see Microsoft Knowledge Base Article 2458544."

    "EMET 4.0, in the recommended configuration, is automatically configured to help protect the affected software installed on your system. No additional steps are required."


    More info: http://technet.microsoft.com/en-us/secu ... ry/2896666
    Last edited by hackerman1; 6th November 2013 at 09:50.
    HappyAndyK likes this.

  2. #2
    hackerman1 is offline Senior Member
    Join Date
    Dec 2008
    Location
    Sweden
    Posts
    1,525

    Default

    Hi !

    More info from Microsoft:

    "We’ve seen some confusion due to the shared nature of the GDI+ component, which is where the issue resides.
    There are three ways you can have the GDI+ component installed on your system: Office, Windows, and Lync.

    For Office:

    • Office 2003 and Office 2007 are affected regardless of the installed operating system. Currently, we are only aware of targeted attacks against Office 2007 users.
    • Office 2010 is affected only if installed on Windows XP or Windows Server 2003. Office 2010 is not affected when installed on Windows Vista or newer systems.
    • Office 2013 is not affected, regardless of OS platform.


    For Windows:

    • Supported versions of Windows Vista and Windows Server 2008 ship with the affected component but are not known to be under active attack.
    • Other versions of Windows are not directly impacted. Customers who use these systems are only impacted if they have an affected version of Office or Lync.


    For Lync clients:

    • All supported versions of Lync client are affected but are not known to be under active attack.


    Again, we’re only aware of targeted attacks against Office 2007.
    In those attacks, Windows XP was the operating system seen in use.
    "

    Clarification on Security Advisory 2896666 and the ANS for the November 2013 Security Bulletin Release - MSRC - Site Home - TechNet Blogs
    Last edited by hackerman1; 11th November 2013 at 03:41.

  3. #3
    hackerman1 is offline Senior Member
    Join Date
    Dec 2008
    Location
    Sweden
    Posts
    1,525

    Default

    And this 0-day will NOT be fixed tomorrow on "Patch tuesday".

    "While this release won’t include an update for the issue first described in Security Advisory 2896666,...."

    Clarification on Security Advisory 2896666 and the ANS for the November 2013 Security Bulletin Release - MSRC - Site Home - TechNet Blogs

    So if you haven´t already done it, it´s time to do something about it.

    A temporary and easy fix is a simple reg-hack, which took 1 minute....
    But then you can´t view any TIFF-images....

    A better solution is to install EMET:
    "Deploy the Enhanced Mitigation Experience Toolkit"

    See my first post above.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Log in

Log in

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22