Microsoft has warned users of potential hacker attacks. The company has said it is “aware of targeted attacks”, which are exploiting a “vulnerability” in its operating system to gain user rights to the affected computers.
This issue is said to affect Microsoft Windows Vista, Windows Server 2008, Microsoft Office 2003-2010 and Microsoft Lync.
The company is investigating these attacks and has said that it will take the appropriate action to resolve the problem, which “may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs”.
It has advised customers to apply a workaround, which is a setting or configuration change that “does not correct the underlying issue but would help block known attack vectors before a security update is available”.
Tagged Image File Format Flaw
Microsoft has said that the flaw lies in how a graphics processing component in the affected software versions handles Tagged Image File Format (TIFF) image files, and that for the hackers to be successful, an attack “requires user interaction”.
Dustin Childs, a communications manager, said in a blog post that the attacks are disguised as an email requesting potential targets to open a specially crafted Word attachment. Once this attachment is opened or previewed, it attempts to exploit the issue with a malformed graphics image embedded in the document.
“An attacker who successfully exploited the vulnerability could gain the same user rights as the logged on user,” Mr Childs said.
“An attacker could host a specially crafted website that is designed to exploit this vulnerability and then convince a user to view the website,” Microsoft said.
It then added that an attacker would have “no way to force users to view the attacker-controlled content”.
“Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email message or in an Instant Messenger message that takes users to the attacker’s website.”
More details of which products are at risk are listed on the firm’s site.