CVE-2013-3906: a graphics vulnerability exploited through Word documents

Recently we become aware of a vulnerability of a Microsoft graphics component that is actively exploited in targeted attacks using crafted Word documents sent by email. Today we are releasing Security Advisory 2896666 which includes a proactive Fix it workaround for blocking this attack while we are working on the final update. In this blog,…

0

MS10-105: Image Filters Update

This month we shipped a security update and bulletin (ms10-105) to address vulnerabilities in the .cgm, .tif, .fpx, and .pct image filters.  These filters are shipped with Microsoft Office to extend image rendering for applications.  Neither Office 2010 nor Office 2007 use filters to perform rendering by default.  Both use GDI+ instead.  Historically, if an…

0