Items tagged with TIFF

If you’re one of those folks that lollygags around when it comes to updating your iPhone to the latest version of iOS, you might want rethink that strategy. Apple released iOS 9.3.3 last week, and tucked inside the software update were some operating system tweaks and the usual bevy of security patches. One security patch in particular fixed a rather nasty vulnerability that can leave your Apple device open to attackers using a simple iMessage. The exploit allows an attacker to send a seemingly innocent TIFF image file via iMessage that actually contains a rather malicious payload. Cisco Talos describes the severity of the exploit, writing: When rendered by applications that use the Image I/O... Read more...
Heads-up, if you're running older versions of the Windows operating system, Microsoft Office or Microsoft Lync communication platform software. Microsoft released a security advisory noting that the TIFF (Tagged Image File Format) image handler in some of these older Microsoft software suites is subject to a vulnerability whereby "specially crafted TIFF images" could convince the user to open email messages, files or web content that could be used to exploit the host machine. Microsoft details the remote code execution vulnerability in security advisory 2896666 (evil, eh?) noting: "An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. Users... Read more...