Microsoft Zero-Day TIFF Bug Affects Older Office


The vulnerability exists in all versions of the Lync communicator service, Windows Vista, Windows Server 2008, and some versions of Microsoft Office. All installations of Office 2003 and 2007 are at risk, regardless of which operating system the suite is installed on. Office 2010 is affected only if it is installed on Windows XP or Windows Server 2008, Microsoft said. It appears that Office 2007 is the only one currently under active attack, according to the advisory.

"Up to 37 percent of Microsoft Office business users are susceptible to this zero-day exploit," said Alex Watson, director of security research at Websense.

This latest zero-day is a good example of how vulnerabilities in older versions of software can expose organizations to serious attacks. Users should not still be running Office 2003, Office 2007, Windows XP, and Windows Server 2003 in the first place because they are so old. "If you removed that software, this 0-day would not exist," said Tyler Reguly, technical manager of security research and development at Tripwire. Considering the age of these applications, organizations and users should have updated by now.

While there are attacks in the wild, it's important to remember that to date, most of the attacks have focused on the Middle East and Asia. Microsoft originally said there were "targeted attacks that attempt to exploit this vulnerability," and security researchers from AlienVault, FireEye and Symantec have identified several attack groups already using the vulnerability to further their campaigns.

The group behind Operation Hangover, an espionage-focused campaign identified back in May, appears to be exploiting this bug to further its information-gathering activities, said FireEye in its blog. Jaime Blasco, director at AlienVault Labs, said the exploit is being used to target Pakistan's intelligence service and military. Another attack group, named Arx by FireEye researchers, is using the exploit to distribute the Citadel banking Trojan.

While the patch won't be ready by next week, Microsoft has released a FixIt, a temporary workaround, to address the issue. If you have vulnerable software, you should apply the FixIt immediately. The FixIt disables how TIFF images are accessed, which may not be an option for some users and enterprises, Tripwire's Reguly noted.

Web developers, graphic designers, and marketing professionals who work with the TIFF format may find their ability to do their jobs hindered with this FixIt, Reguly warned. Security professionals may have difficulty justifying the necessity of deploying the FixIt in organizations that work a lot with high-quality images. "It puts people in the difficult situation of preventing a new vulnerability or doing their job," Reguly said.

Organizations can also install Microsoft's security toolkit EMET (Enhanced Mitigation Experience Toolkit), as it prevents the attack from executing, Elia Florio of Microsoft's Security Response Center wrote in a blog post.

Many antivirus and security suites have already updated their signatures to detect malicious files exploiting this vulnerability, so you should also make sure your security software is updated. As always, exercise extreme caution when opening files you didn't specifically ask for, or clicking on links if you don't know the source.