SophosLabs Threat Level moves to “High Risk” due to Microsoft zero-day threat


ZeroDaySophosLabs today raised the Threat Level to “High Risk,” due to a vulnerability in the Microsoft Graphics component that could allow remote code execution. The flaw affects Microsoft Windows, Microsoft Office, and Microsoft Lync.

Our High Risk designation means there is a strong possibility of this vulnerability being actively exploited by malware.

According to SophosLabs, Microsoft has yet to release a patch to fix this vulnerability. In the meantime, we recommend running the FixIt tool provided by Microsoft to block the vulnerability until a patch is released.

Microsoft said it is aware of targeted attacks using specially crafted TIFF images that can exploit this vulnerability in Microsoft Office and compromise the system. SophosLabs has not seen any samples in the wild exploiting this vulnerability. Read the SophosLabs advisory here.

To stay on top of advisories like this one, join the Sophos FreeTalk Threat Awareness forum and follow our Support teams on Twitter.

Stay connected with SophosLabs on Twitter and on YouTube. Read up on the latest breaking news from our experts at Naked Security.

And visit our Threat Dashboard for more information on the threats we’re tracking.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.