- dotTech - http://dottech.org -

Microsoft issues temporary fix for malware via image security issue

EMET Notifier [1]

Windows has been exploited thanks to a group of hackers finding a vulnerability. Finally, Microsoft has developed a way to plug the hole, so to speak, and keep hackers from installing malware on computers running the affected version of Windows and Office.

The vulnerability, which we covered already [2], is related to how some Microsoft products and versions of Windows read TIFF image files.

Microsoft hasn’t come up with a permanent fix, yet, but they have found a temporary solution. The fix [3] can be downloaded to your computer and it keeps the graphic from being rendered. The graphic is what triggers the malware. Other options available is a registry change that prevents TIFFs from being displayed and the Enhanced Mitigation Experience Toolkit [4] to block the potentially dangerous download.

Microsoft has issued several advisories warning their users about this vulnerability. They are currently working on a permanent fix and will issue it as soon as it is available.

[via Ars Technica [5]]