Η Microsoft προειδοποιεί για ένα νέο κενό ασφαλείας στα Windows που θα μπορούσε να αφήσει κακόβουλους χρήστες να πάρουν τον έλεγχο του computer you via captured image files.
The vulnerability, named CVE-2013-3906, is described by its security experts Redmond as a "remote code execution vulnerability in the way applications that handle specially edited TIFF images are affected."
In short: once someone opens a maliciously – tampered TIFF image it could lead to what is known as a drive-by download, or drive-by install, where the malware will silently install itself on your computer without any warning dialog.
Η vulnerability CVE-2013-3906 is a very new zero-day and so far, the reported attacks have been done through trapped TIFF images in DOCX files.
However, Microsoft warns that CVE-2013-3906 vulnerability can also be exploited through:
- Pre-review or open a specially created email.
- Opening a specially edited file like an attachment.
- Browsing in a teasing by clicking here .
Fix It
Fortunately, Microsoft immediately delivered a tool that will temporarily close this security gap.
You can run Fix It or create a new entry on your computer's registry
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Gdiplus \ DisableTIFFCode = 1
Of course, if your job requires you to work with TIFF files, you can not use DisableTIFFCodec as an option.
