Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Microsoft has confirmed the existence of a vulnerability affecting the graphics rendering engine of some Windows operating systems.
The Redmond giant said it was working on a patch but that it was unlikely to be released separately as an emergency out-of-band update.
"We are not aware of any affected customers, nor of any active attacks targeting customers [using this vulnerability]," Microsoft's senior marketing communications manager for trustworthy computing Angela Gunn said.
The vulnerability was first disclosed at a security conference in South Korea last month, according to the SANS Technology Institute.
According to the Institute's Johannes Ullrich, the vulnerability affected all current versions of Windows, barring Windows 7 and 2008 R2.
"The vulnerability is exploited via malicious thumbnail images that may be attached to various documents (e.g. Microsoft Office documents)," Ullrich stated.
"The most likely exploit vector would use e-mail attachments. However, it is also possible to use network shares."
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.