(Photo : REUTERS/Bogdan Cristel)
If you didn't think Windows Vista was virus-prone enough, here's some news to convince you otherwise. Microsoft warned on Tuesday that the substandard Windows operating system is currently under attack from hackers who have found a zero day vulnerability.
Other Microsoft products are affected as well, including several versions of Microsoft Office, Microsoft Server 2008, and all versions of Microsoft Lync. Current versions of Microsoft Windows and Office are not affected by the exploit.
Microsoft released Security Advisory 2896666 regarding the attacks and described the issue in a blog post on Tuesday. The vulnerability involves an attack that can give hackers administrative privileges through an exploitable graphics code within a Word document. As such, the attack relies human error to exploit the vulnerability.
"The exploit requires user interaction as the attack is disguised as an email requesting potential targets to open a specially crafted Word attachment," wrote Microsoft's Dustin Childs in the blog post. "If the attachment is opened or previewed, it attempts to exploit the vulnerability using a malformed graphics image embedded in the document. An attacker who successfully exploited the vulnerability could gain the same user rights as the logged on user."
Microsoft says it is actively working on a security update to fix the problem, but advises concerned customers to take the following steps to protect their machines:
- Apply the Microsoft Fix it solution, "Disable the TIFF Codec" that prevents exploitation of the issue
See Microsoft Knowledge Base Article 2896666 to use the automated Microsoft Fix it solution to enable this workaround.
- Deploy the Enhanced Mitigation Experience Toolkit (EMET)
This will help prevent exploitation by providing mitigations to protect against the issue and should not affect usability of any programs. An easy guide for EMET installation and configuration is available in KB2458544.
Microsoft also emphasized that customers should always take certain security measures seriously, like using anti-virus and anti-spyware software, enabling a firewall, and being wary of suspicious looking links or email attachments.
According to ZDNet, the following products are affected by the exploit:
Windows Vista x86, x64
Windows Server 2008 x86, x64, Itanium, Server Core
Microsoft Office 2003
Microsoft Office 2007
Microsoft Office 2010 x86, x64
Microsoft Office Compatibility Pack
Microsoft Lync 2010 x86, x64
Microsoft Lync 2010 Attendee
Microsoft Lync 2013 x86, x64
Microsoft Lync Basic 2013 x86, x64