Skip to main content
MSRC

Zero-Day

CVE-2013-3906: a graphics vulnerability exploited through Word documents

Tuesday, November 05, 2013

Recently we become aware of a vulnerability of a Microsoft graphics component that is actively exploited in targeted attacks using crafted Word documents sent by email. Today we are releasing Security Advisory 2896666 which includes a proactive Fix it workaround for blocking this attack while we are working on the final update.