6th November 2013
Microsoft has warned users of its Windows Vista and Windows Server 2008 operating systems, Office 2003 – 2010 and Lync to take precautions against their software being exploited by hackers.
The company says it is investigating a series of "targeted attacks" and is taking action to address the issue in the operating system.
The vulnerability – which lies in the system's TIFF graphics format – could enable hackers to gain rights to the computer on which the software is installed, enabling them to have the same rights as the logged on user.
Access would be gained by requested users to preview or open a specially crafted email or web content. This highlights the need to take great care when opening attachments or clicking on links in emails.
According to a BBC report, Microsoft says that preventive action "may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs". As an interim measure the company has advised customers to apply settings changes that do "not correct the underlying issue but would help block known attack vectors before a security update is available".
