{"id":4141,"date":"2013-11-11T15:46:02","date_gmt":"2013-11-11T23:46:02","guid":{"rendered":"https:\/\/www.paloaltonetworks.com\/blog\/?p=4141"},"modified":"2013-11-11T16:42:48","modified_gmt":"2013-11-12T00:42:48","slug":"coverage-information-microsoft-security-advisory-2896666-microsoft-graphics-component-vulnerability","status":"publish","type":"post","link":"https:\/\/www2.paloaltonetworks.com\/blog\/2013\/11\/coverage-information-microsoft-security-advisory-2896666-microsoft-graphics-component-vulnerability\/","title":{"rendered":"Coverage Information for Microsoft Security Advisory (2896666), Microsoft Graphics Component Vulnerability"},"content":{"rendered":"<p>On Tuesday, November 5, 2013, Microsoft issued a Security Advisory for a graphics vulnerability exploited through Office and Word documents in multiple versions of Microsoft Office, (\u201cVulnerability in Microsoft Graphics Component Could Allow Remote Code Execution\u201d), CVE-2013-3906, <a href=\"http:\/\/technet.microsoft.com\/en-us\/security\/advisory\/2896666\" rel=\"nofollow,noopener\"  target=\"_blank\">http:\/\/technet.microsoft.com\/en-us\/security\/advisory\/2896666<\/a>.\u00a0 This vulnerability is exploited via targeted attacks over email by sending malformed graphics\/TIFF images embedded in Microsoft Office and Word documents and affects various versions of Microsoft Office. Attacks appear to be very selective primarily in the Middle East and South Asia.\u00a0 We received the out-of-band notification as part of our <a href=\"http:\/\/technet.microsoft.com\/en-US\/security\/dn467918\" rel=\"nofollow,noopener\"  target=\"_blank\">Microsoft Active Protections Program<\/a> (MAPP) participation.<\/p>\n<p>In response to this advisory, Palo Alto Networks released an emergency content update (version 404) on November 6th that provides protection against attempted exploitation of CVE-2013-3906 with IPS vulnerability signature ID's 36207 and 36208. \u00a0The attack signatures are both named \"Microsoft Word TIFF Image Integer Overflow Vulnerability.\"<\/p>\n<p><b>Severity:\u00a0<\/b>Critical<br \/>\n<b>ID:<\/b>\u00a036207 and 36208<br \/>\n<b>Attack Name:<\/b>\u00a0Microsoft Word TIFF Image Integer Overflow Vulnerability<br \/>\n<b>CVE ID:<\/b>\u00a0CVE-2013-3906<\/p>\n<p>Palo Alto Networks customers with a Threat Prevention subscription are advised to verify that they are running the latest content version on their devices. If you have any questions about coverage for this advisory, please <a href=\"https:\/\/support.paloaltonetworks.com\/\" target=\"_blank\">contact support<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>On Tuesday, November 5, 2013, Microsoft issued a Security Advisory for a graphics vulnerability exploited through Office and Word documents in multiple versions of Microsoft Office, (\u201cVulnerability in Microsoft Graphics Component Could &hellip;<\/p>\n","protected":false},"author":39,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[35],"tags":[],"coauthors":[],"class_list":["post-4141","post","type-post","status-publish","format-standard","hentry","category-threat-advisories-advisories"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/4141","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/users\/39"}],"replies":[{"embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/comments?post=4141"}],"version-history":[{"count":4,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/4141\/revisions"}],"predecessor-version":[{"id":4146,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/4141\/revisions\/4146"}],"wp:attachment":[{"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/media?parent=4141"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/categories?post=4141"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/tags?post=4141"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/coauthors?post=4141"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}