The Hacker News Logo
Subscribe to Newsletter

Microsoft released Security Patch for CVE-2013-5065 TIFF Zero-Day vulnerability

Security Patch for TIFF Zero-Day vulnerability CVE-2013-5065 released
Microsoft has released 11 Security Patch this Tuesday, including one for CVE-2013-5065 zero-day vulnerability, recently discovered Local privilege escalation vulnerability that could allow a hacker to launch an attack using corrupted TIFF images to take over victims' computers.
FireEye researchers said they found the exploit in the wild being used alongside a PDF-based exploit against a patched Adobe Reader vulnerability.

December's Patch Tuesday update bundle brings five bulletins ranked critical, including a patch for a vulnerability that could allow remote code execution in Internet Explorer and another remote code execution vulnerability in Office and Microsoft Server is also addressed.

Other patches addressing remote code execution vulnerabilities in Lync, all versions of Office and Microsoft Exchange. All supported versions of Windows, from XP to RT and 8.1, are affected by at least one of the critical vulnerabilities.

The Six Security bulletins rated important deal with local elevation of privilege vulnerabilities in Windows and Microsoft Developer Tools.

Users are recommended to upgrade to Windows 7/above or Linux Distributions, and make sure that you have installed the latest versions of Adobe Reader.

Microsoft has also released an updated version (1.163.1657.0) of the Windows Malicious Software Removal Tool.

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
SHARE
Comments
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.