Lucene search

K
thnWang WeiTHN:2BA81AD2F8F7B8FE383C85260BD9F089
HistoryDec 10, 2013 - 7:40 a.m.

Microsoft released Security Patch for CVE-2013-5065 TIFF Zero-Day vulnerability

2013-12-1007:40:00
Wang Wei
thehackernews.com
23

0.001 Low

EPSS

Percentile

21.8%

Security Patch for TIFF Zero-Day vulnerability CVE-2013-5065 released

Microsoft has released 11 Security Patch this Tuesday, including one for CVE-2013-5065 zero-day vulnerability, recently discovered Local privilege escalation vulnerability that could allow a hacker to launch an attack using corrupted TIFF images to take over victims’ computers.

FireEye researchers said they found the exploit in the wild being used alongside a PDF-based exploit against a patched Adobe Reader vulnerability.

December’s Patch Tuesday update bundle brings five bulletins ranked critical, including a patch for a vulnerability that could allow remote code execution in Internet Explorer and another remote code execution vulnerability in Office and Microsoft Server is also addressed.

Other patches addressing remote code execution vulnerabilities in Lync, all versions of Office and Microsoft Exchange. All supported versions of Windows, from XP to RT and 8.1, are affected by at least one of the critical vulnerabilities.

The Six Security bulletins rated important deal with local elevation of privilege vulnerabilities in Windows and Microsoft Developer Tools.

Users are recommended to upgrade to Windows 7/above or Linux Distributions, and make sure that you have installed the latest versions of Adobe Reader.

Microsoft has also released an updated version (1.163.1657.0) of the Windows Malicious Software Removal Tool.

0.001 Low

EPSS

Percentile

21.8%

Related for THN:2BA81AD2F8F7B8FE383C85260BD9F089