TIFF Image Vulnerability Affects Microsoft Windows, Office and Lync
November 21, 2013
A vulnerability in Microsoft Graphics component that handles TIFF (Tagged Image File Format) images was discovered two weeks ago. This vulnerability allows a hacker to execute code remotely on the affected computer. This means that the hacker who created the malicious TIFF image to take advantage of this vulnerability, can execute code to infect the same computer with a virus, Trojan horse or other malicious computer programs remotely.
Please continue reading below.
How can the TIFF Image vulnerability affect you?
Your computer is at risk of getting infected with a virus, Trojan horse or other malware, if you:
- open a malicious TIFF image that was sent to you as an email attachment
- visit a website that contains a malicious TIFF image (drive-by downloads)
- open a malicious TIFF image stored on a Flash Drive or other storage media
This vulnerability affects Windows Vista, Windows Server 2008, Office 2003, 2007, and 2010, Lync 2010 and Lync 2013. On the other hand, Microsoft Windows 8.1, Windows 8, Windows 7, and all versions of Office 2013 are not affected.
Microsoft has not come up with a fix for this vulnerability, but has provided two utilities that can disable or enable the rendering of TIFF images. Disabling the rendering of TIFF images will prevent you from viewing images in this file format. But, this is the only way to protect yourself against this threat, until Microsoft comes up with a fix for this vulnerability.
You may disable the viewing of TIFF images on your computer by using the link provided below. And, as soon as Microsoft has fixed this vulnerability, you may re-enable the viewing of TIFF images by clicking on the other link provided below.
Click here to protect yourself against the TIFF Image vulnerability by disabling the viewing of TIFF images.
Click here to re-enable the viewing of TIFF images (if Microsoft has fixed this vulnerability).
After clicking on any of the links above, you will be asked to download a file. Please download the file, open and install.
Please share with us what you know or ask a question about this article, by leaving a comment below. And, forward malicious email messages to us using the following email address: firstname.lastname@example.org .
Alert and help your family and friends by sharing this article with them: