No Patch (yet) for TIFF-handling vulnerability

Microsoft’s Patch Tuesdays have been full to the brim of remote code execution issues lately and here’s another one, which is already being exploited “in the wild,” but there won’t be a patch for it in the November slate of security updates. However, the company has already released a security advisory that includes workarounds, and noted that an attacker will have to persuade users to open an attachment or click a link in order for them to fall prey to the exploit. You can read more about it here:
http://www.gfi.com/blog/no-patch-forthcoming-for-tiff-handling-zero-day-vulnerability/

 

Leave a Comment

Your email address will not be published.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top