Microsoft Graphics Component Could Allow Remote Code Execution
07 November 2013
Remote exploitation of a memory corruption vulnerability in multiple Microsoft products could allow attackers to execute arbitrary code on the targeted host. The issue occurs with how the TIFF codec in Microsoft's graphics component handles crafted TIFF files. Processing crafted TIFF files can corrupt system memory and create an exploitable condition.
CVSS v2 Base Score: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
The code redirects visitors to another URL where the Fiesta exploit kit is hosted, which then tries to detect and exploit several vulnerabilities in various software. If it succeeds, the visitors are saddled with a banking Trojan.
Looking for an Android-based tablet for your child but don't know which one to choose? If you are concerned about the device's protection against random hackers, Bluebox Security has just released a review of the nine most popular Android tablet models aimed specifically at children.
68% of US smartphone users are concerned about having their activity tracked to serve them targeted ads, suggesting that most smartphone users are uncomfortable with the idea of online behavioral advertising.