November 08, 2013 | Other
  • Share:

A Fatal Vulnerability in Windows and Office

Microsoft is currently warning users about a new fatal vulnerability in Windows Vista, Server 2008 and Office 2003 to 2010. The vulnerability is defined and explained under the code “CVE-2013-3906”.

More security for Office Word

Set the Active-X configuration as shown above.


The vulnerability enables images infected with malicious code to access your system. Microsoft has defined this problem in the CVE (Common Vulnerabilities and Exposures) Database.

So far, AV-TEST has identified and analysed a total of eight different malicious DOCX files where this vulnerability is concerned. The following manufacturers have already updated their anti-virus products with a (static) signature in order to protect systems against these malicious files:

Status 11.11.2013, 09:30 UTC

AvastTIFF:CVE-2013-3906 [Expl] 
AVGExploit_c.YWS, Exploit_c.YWT
AviraEXP/CVE-2013-3906, EXP/CVE-2013-3906.A
Commtouch / F-ProtCVE133906
Dr.WebExploit.CVE2013-3906.1, Exploit.CVE2013-3906.2 
ESET Nod32Win32/Exploit.CVE-2013-3906.A trojan
FortinetW32/DocDrop.AP!tr, W32/MSOffice_CVE_2013_3906.A!exploit
G DataExploit.CVE-2013-3906.Gen
KasperskyExploit.MSOffice.CVE-2013-3906.a, Exploit.OLE2.CVE-2012-1856.b
McAfeeExploit-CVE2013-3906 (trojan), Exploit-FMC!DE64624613FD (trojan)
NormanShellcode.B, Shellcode.D
Norton / Symantec Trojan.Hantiff, Trojan.Mdropper 
ThreatTrackExploit.TIFF.CVE-2013-3906 (v)

Please note: Products/Manufacturers that are not listed above have either not yet been tested, not yet released an update or are not yet able to protect systems against all known attacks. We plan to update the overview provided above from time to time. In the meantime, we strongly recommend that you follow the recommendations published by Microsoft until a complete security update has been released. The following blog contains a description from Microsoft as to how you can quickly protect your system without an official update:

Tips for More Security

The simplest tip provided by Microsoft with regard to securing your operating system is to quickly access the Windows registry in order to restrict the display of TIFF files:
1. Open the registry editor with „Start, execute“, type in „regedit“ and press „Enter“
2. Open the entry
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Gdiplus\DisableTIFFCodec = 0
3. Doubleclick the entry and change the value from „0“ to „1“

Changing Your Office Word Settings as a Preventive Measure

Instructions as to how to improve the security of Office Word can be found here:

Other helpful links include:

Social Media

We want to stay in touch with you! Now there is an easy way to receive regular updates on the latest news and test releases.