Posts Tagged ‘windows 7’

HP switches to Windows 7 ‘by popular demand’

January 21st, 2014 No comments

HP switches to Windows 7 'by popular demand'

HP has made Windows 7 the default operating system for all its new desktop systems, claiming that ‘popular demand’ has led it to switch from Windows 8.1.

HP has reintroduced a range of PCs running the last-generation Windows 7 operating system, claiming that users are demanding it as an alternative to the divisive touch-centric Windows 8.1.

Microsoft’s latest operating system, upgraded since launch to the tweaked Windows 8.1 build formerly known as Windows Blue, has as its focus a tile-based user interface based on the Metro UI originally developed for the company’s Windows Phone line. While it makes sense if you have a touch-screen device, many early adopters complained the UI was poorly optimised for keyboard and mouse users – and, coupled with a lack of a Start Menu without resorting to third-party add-on software, many chose to stick with their tried-and-tested Windows 7 installation instead.

For those who buy pre-built systems, however, things aren’t that simple: as is usual for a new Windows release, the majority of manufacturers have retired Windows 7 and supply all new systems with Windows 8.1 instead. Business users can typically find Windows 7 as an option – or downgrade for free if they’re volume license customers – but consumers looking to pick up a new system are forced into an OS upgrade at the same time.

At least, unless you’re buying from HP. The company has begun a campaign in the US – expected to reach the UK soon – to advertise a range of consumer-grade systems featuring Windows 7 in place of Microsoft’s latest and greatest. Claiming ‘popular demand,’ the company has opted to make Windows 7 the default on all its new consumer desktop systems with Windows 8 only available by customising the choices on its website. Its primary laptop platform, too, now comes with Windows 7 once again – although shoppers looking for a portable are at least offered Windows 8.1 without the need to delve into customisation options.

Beyond an email campaign and the pro-Windows 7 messages on its webstore, HP has not publicly commented on its move away from Windows 8.

Article source:

Article source:

Thief PC specs revealed, include Mantle support

January 20th, 2014 No comments

Thief PC specs revealed, include Mantle support

The upcoming Thief reboot is being ported to PC by Nixxes, and includes the promise of Mantle API support for AMD graphics processors.

Eidos has released recommended system specifications for its upcoming reboot of the Thief franchise, including promised support for AMD’s low-level Mantle application programming interface (API.)

The original titles in the series, Looking Glass Studios’ Thief: The Dark Project, launched in 1998 to critical acclaim. The first game to use both visibility and audibility as stealth mechanics, the game was praised for its artificial intelligence and the freedom offered to the player to complete missions in a variety of ways both lethal and non-lethal. Its game engine, known as the Dark Engine, would find a use in the sequel Thief II: The Metal Age and System Shock 2 – although here the stealth elements would be less obvious.

Even with the advent of next-gen consoles, for many old-school fans Thief will always be most at home on the PC,‘ claimed Edios’ Valerie Bourdeau when introducing the system specs of the franchise’s reboot. ‘To ensure the best possible experience on the platform, we’ve teamed up once again with the pros at Nixxes, who previously worked on the PC version of Deus Ex: Human Revolution and last year’s Tomb Raider. Now that we’re done tinkering and optimising every aspect of the game, we can finally announce the minimum and recommended system requirements.

Those system requirements see the minimum bar set at a Vista-based PC with a ‘high-performance dual core CPU or quad core CPU,’ alongside 4GB of RAM and an AMD Radeon 4800 or Nvidia GeForce GTS 250 series graphics card or better. 20GB of hard drive space is required to install the game, and DirectX 10 is a minimum requirement with no support for DirectX 9.

Those who want a smoother experience are recommended to use Windows 7 or 8 on a PC with either an AMD FX 8000 series or Intel Core i7 quad-core or better processor, more than 4GB of RAM, and an AMD Radeon R9 or Nvidia GeForce GTX 660 graphics card or better. Naturally, Eidos is also recommended a move to DirectX 11 to take advantage of the improvements in graphical fidelity possible under Microsoft’s latest APIs.

Bourdeau has also claimed that AMD, as the official hardware partner for the title, has also helped Nixxes add support for the company’s Mantle low-level API – promising performance improvements on compatible graphics chips. Support for Eyefinity multi-display rigs and AMD’s TrueAudio codec are also promised.

Thief launches in Europe on the 28th of February on Windows, PlayStations 3 and 4, and Xboxes 360 and One.

Article source:

Article source:

Windows 9 ‘Threshold’ release date April 2015

January 13th, 2014 No comments

Windows 9 'Threshold' release date April 2015

Microsoft BUILD 2014.

The release date for Windows 9, codenamed Threshold, has been earmarked as April 2015 according to Windows ‘insider’ Paul Thurrott.

Thurrott, who runs the blog Windows SuperSite, is well known as being a reliable source for Microsoft information and his latest tidbit is to reveal that the next version of Windows will be called Windows 9 and have a possible release date of April 2015.

Although he hasn’t cited any sources for his information Thurrott is confident that Microsoft will use the company’s BUILD developer conference in April 2014 to outline a new vision for the next version of Windows. That vision will include a new version of the Metro interface, dubbed Metro 2.0, with possibly a windowed version of the touch Metro mode.

He also describes how there is expected to be three ‘milestone’ releases before commercial availability, hinting at a beta, release candidate, etc release schedule.

A key reason for highlighting that the new release will be called Windows 9 is that Thurrott sees Microsoft as distancing itself from the ‘disaster’ that is Windows 8. As he points out, Windows 8.1 is currently in use on less than 25 million PCs, which for a major new Windows release is very poor uptake. Microsoft hopes Windows 8 will thus be seen as the Vista to Windows 9′s Windows 7.

We’ll hear more come April 2 when BUILD kicks off.

Article source:

Article source:

Windows ‘Threshold’ details leaked

December 10th, 2013 No comments

Windows 'Threshold' details leaked

Windows Threshold, rumoured to be launching in early 2015, is claimed to feature a common core and three SKUs: a tablet/smartphone centric Modern UI flavour; a mainstream consumer release; and an enterprise edition.

Details of Microsoft’s next-generation operating system, codenamed Windows Threshold, have started to emerge even as the company offers its customers a last-minute reprieve on Windows 7.

Part of Microsoft’s new, more rapid release cycle – an attempt to emulate the rapid progress of rivals like Apple’s OS X – Windows Threshold is claimed to be due to launch in early 2015 by sources speaking to ZDNet‘s Mary Jo Foley – sources who have, in the past, correctly leaked details on Windows 8.1 or, as it was known at the time, Windows Blue.

According to Foley’s sources, Windows Threshold will begin the process of moving the company’s disparate operating systems – Windows 8.1, Windows RT, Windows Phone and whatever you’d like to call the platform used by the freshly-launched Xbox One – into a central core with as few as three main stock-keeping units (SKUs) at launch.

The next Windows release, it is claimed, will have three flavours: a consumer-oriented SKU will feature compatibility with ARM and x86 hardware, the divisive tile-based Modern UI, and have as its primary focus smartphones, tablets, hybrids, and low-end PCs; the second SKU will be more like the Windows of old, featuring both the Modern UI and a more traditional desktop along with x86 – but likely not ARM – compatibility; finally, an enterprise SKU will add in missing features like group policy control and device management and may, it is claimed, be available only to corporate customers.

Paul Thurrott‘s own sources suggest that Windows Threshold will also include the ability to run multiple Modern UI applications in windows on the traditional desktop, blurring the line between Modern apps and classic software, and may even include the Start Menu – not just the Start Button of Windows 8.1 – without the need for third-party add-ons.

The leaks come as Microsoft backtracks on claims that it had already stopped shipping Windows 7 to its retailers and original equipment manufacturer (OEM) customers, stating instead that it will do so at a time ‘to be determined.’ Whether this is as a reaction to slow corporate uptake of Windows 8 and the looming spectre of Windows XP finally reaching its official end-of-life status in April next year is not known. Windows 7 itself, meanwhile, will not reach EOL until January 2020.

Article source:

Article source:

Samsung SSD 840 EVO mSATA 1TB Review

December 9th, 2013 No comments

Samsung SSD 840 EVO mSATA 1TB Review

Manufacturer: Samsung
UK price (as reviewed):
MSRP £509.99

It’s fair to say the original SSD 840 EVO launch was very successful. Thanks to its competitive performance, good value and tasty feature set, we awarded the entire range our Premium Grade award. Now Samsung is back with another set of SSD 840 EVO drives, having shrunk the entire range into the tiny mSATA form factor. And yes, this includes the 1TB model, and it’s this one we’re looking at today – a world’s first for drives this size.

Designed as an upgrade for ultra-thin laptops as well as desktops with mSATA capabilities, the fact that something so small can store up to 1TB of data is amazing in and of itself. For anyone unfamiliar with mSATA, the comparison shot below shows its size relative to the 2.5-inch version of the SSD 840 EVO.

Samsung SSD 840 EVO mSATA 1TB Review Samsung SSD 840 EVO mSATA 1TB Review
Click to enlarge – Behold, the world’s first 1TB mSATA SSD
The better news is that the mSATA version of the EVO has the same recommended price as the regular one, so there’s no premium for the smaller size. We’ve listed £509.99 as the MSRP, since this is in line with that of the original drive, but with 1TB SSD 840 EVO models selling for around £460 it could well be less by the time it hits retailers’ shelves. Of course, mechanical drives are still far cheaper, but equally they’re much larger and slower. As well as the 1TB model, the 120GB, 250GB and 500GB ones will also have mSATA equivalents, but not the 750GB one. Also, unlike the 2.5-inch drives, there will be no upgrade bundles with mSATA to USB or mSATA to SATA adaptors supplied – a somewhat surprising choice, particularly for laptop upgrades.

The 1TB drive features four separate NAND packages (2 on each side of the PCB), each with a whopping 256GB crammed inside. Samsung is sticking with 3-bit MLC (TLC) NAND for the EVO mSATA range, produced on a 19nm process. Though many have previously raised concerns about the endurance and performance of such NAND, the latter appears to be mostly unfounded. Torture tests elsewhere also reveal such NAND to be easily capable of surviving huge workloads, while the latest figures from Samsung suggest the original 840 EVO drives can survive at least 2,500 program/erase cycles. The company also offers a fairly standard three year warranty, and has a couple of tricks to address the performance side of things.

Samsung SSD 840 EVO mSATA 1TB Review
Click to enlarge – A size comparison of the mSATA and 2.5-inch models of the SSD 840 EVO
The first such trick is TurboWrite, whereby a fixed portion of the TLC NAND (with fixed address space) is treated by the drive as SLC NAND when writing. As such, it stores data in one of two states rather than one of eight, leading to easier and faster writes. All writes regardless of size are processed in this way, then when the drive is idle, they’re flushed to the regular NAND. If you filled the TurboWrite buffer with a single write task with no idle time, the drive will drop to lower write speeds (from 520MB/sec to 380MB/sec for the 1TB model) as it’s forced to write to the slower NAND areas. The size of the buffer varies by drive capacity, but for the 1TB drive it’s a healthy 12GB.

Another trick is the software based RAPID Mode, essentially a one click RAM-caching mode available through Samsung’s Magician software, with the pending 4.3 version set to add support to the SSD 840 PRO as well as the EVO mSATA models. It’s limited to one drive in Windows 7 or 8, and won’t function properly with Nvidia’s storage controllers, but we saw it work very convincingly in our original SSD 840 EVO testing.

Samsung SSD 840 EVO mSATA 1TB Review
Click to enlarge – The new drive uses much the same hardware as the original, but on a much smaller PCB
The EVO mSATA drives again utilise Samsung’s own MEX controller, a triple-core ARM-based model that operates at 400MHz, the same as before. Note that unlike the 2.5-inch drives, the mSATA ones have no casing and thus no cooling. The controller’s cache is also the same, with the 1TB version offering a full 1GB of LPDDR2 for the job.

Unlike the full size models, the mSATA ones also support the DEVSLP sleep state, whereby compatible systems (e.g. Haswell based ones) can perform background tasks while operating in a very deep sleep state, much like smartphones. Samsung suggests the drive’s power consumption is less than 2mW in this state, which has clear benefits for battery life in the laptop and ultra portable markets.

Finally, as well as the usual AES 256-bit encryption, the SSD 840 EVO mSATA range also comes with TGC/Opal 2.0 encryption, much like Crucial’s M500, making it compatible with the eDrive protocol in Windows 8. Encrypting with your drive with BitLocker should thus have essentially zero performance impact.


Interface: SATA 6Gbps
Nominal capacity: 1TB
Formatted capacity: 931.51GB (~6.8 percent over provision)
NAND flash: 4 x 256GB 19nm Samsung Toggle DDR 2.0 TLC
Controller: Samsung 3-core MEX
Cache: 1GB LPDDR2
Warranty: Three years

Article source:

Article source:

Microsoft patches critical TIFF zero-day

December 6th, 2013 No comments

Microsoft patches critical TIFF zero-day

Microsoft’s December Patch Tuesday bundle brings the long-awaited fix for a critical zero-day vulnerability in Windows, Office and Lync, but fails to patch a similar hole in Windows XP.

Microsoft has announced that an outstanding zero-day vulnerability missed off last month’s Patch Tuesday update is to be resolved next week, while missing another actively-exploited hole in its soon-to-be-obsolete yet still incredibly popular Windows XP OS.

Confirmed by the company back in November, when it released a Fix-It work-around for the flaw, the vulnerability in the Microsoft Graphics Component which handles tagged image file format (TIFF) loading and saving – a standard component of Windows, Office and Lync – allowed for the execution of arbitrary code under the context of the logged-in user, making for a serious security flaw.

Despite admitting that the zero-day vulnerability was under active attack, a fix was not forthcoming in November’s Patch Tuesday update bundle. That’s something the company is thankfully resolving this month, promising that a patch for the flaw – rated Critical on the company’s own ranking system – will be included in the regular releases made on the second Tuesday of each month.

Sadly, a recently-discovered vulnerability in Microsoft’s Windows XP Telephony API, which again allows for arbitrary code execution and is under active exploitation in the wild, is not so lucky. While only affecting the outdated Windows XP operating system, that’s still a substantial target for attackers: according to the most recent figures from NetMarketShare, Windows XP accounts for 31.22 per cent of the desktop and laptop operating system market. That’s just behind Windows 7 with 46.64 per cent, and significantly ahead of Windows 8 at a devilish 6.66% or Windows 8.1 with just 2.64 per cent.

While Microsoft is likely to patch the Windows XP hole some time early next year, it could be one of the last times such a vulnerability is addressed in the operating system. Official support for the platform expires in April 2014 after which end-users will no longer receive security updates – although larger corporations and government customers will sill be able to receive emergency patches for a short time following that deadline.

December’s Patch Tuesday update bundle also brings fixes for three more Critical-rated security vulnerabilities in Windows, one in Internet Explorer, one in the Exchange communications server package, and a further six updates ranked as Important in Windows, Office and the Microsoft Developer Tools which can result in privilege escalation – allowing any one of the Critical vulnerabilities to be used to execute code under administrative privileges, considerably worsening the impact of the flaws – information disclosure and security feature bypassing.

All updates, along with an upgraded version of the Windows Malicious Software Removal Tool, will hit Windows Update on Tuesday the 10th of December.

Article source:

Article source:

Computer Planet Nvidia Battlebox Review

December 2nd, 2013 No comments

Computer Planet Nvidia Battlebox Review

Manufacturer: Computer Planet
UK price: £2,742 (inc VAT)
US price: Currently unavailable

Earlier last month, Nvidia announced its GeForce GTX Battlebox programme – a scheme designed to bring 4K to the forefront of gaming and allow a select group of PC manufacturers go all-out in creating Nvidia Battlebox-approved PCs. Sporting a minimum of two of Nvidia’s high-end graphics cards in two-way SLI plus Intel Core i7 CPUs, the systems are designed to do one thing – batter the latest games into submission at 3840×2160 – also known as Ultra-HD or 4K.

We’ve been testing systems and graphics cards at 4K for a few months now and one thing is certain – it’s the most daunting task graphics cards have faced since Crysis. No single graphics card we’ve tested can cope with the likes of Crysis 3 and Battlefield 4 at maximum settings so for the time being, SLI/CrossFireX with two high-end graphics cards is the only way to be sure you have plenty of headroom.

To coin a phrase ‘Can it play Crysis?’ – in 2014, the question will be can it play 4K? While 4K PC monitors are still extremely expensive, the prices will fall and we also hope that the increased pixel density will filter down to smaller, cheaper displays too – 24in 2,560 x 1,600 monitors anyone? Back to the task at hand, though, and Computer Planet has been kind enough to send us its take on an Nvidia Battlebox.

Computer Planet Nvidia Battlebox Review Computer Planet Nvidia Battlebox Review

If you’re a regular in our massive modding community or perhaps seen a Mod of the Month article, you’ll know all about Parvum systems – the Essex-based acrylic case manufacturer who’s micro-ATX case, the S1.0, has resulted in some stunning builds that have been the envy of plenty a LAN party this year.

Computer Planet Nvidia Battlebox Review Computer Planet Nvidia Battlebox Review
The Battlebox is based on the S1.0, but retailing for close to £3K, you’d be right in expecting a fair amount of customisation as well as top-end hardware too. Thankfully, the Battlebox doesn’t disappoint on either account. Spec-wise, it has a Core i7-4770K CPU overclocked to 4.4GHz plus two Nvidia GeForce GTX 780 3GB’s. These can of course be upgraded to the latest ‘Ti’ models via Computer Planet’s configurator. The motherboard is a tasty inclusion too – Asus’ Maximus VI Gene sits at the heart of the PC along with 16GB of Corsair Vengeance 1,600MHz memory and a 240GB Corsair LS SSD and 2TB Seagate Barracuda hard disk.

Computer Planet Nvidia Battlebox Review Computer Planet Nvidia Battlebox Review
A Corsair HX1000 PSU should provide plenty of headroom, even with two GeForce GTX 780 3GB’s. For cooling, Computer Planet has opted for BeQuiet Silent wings fans for the case, while a custom water-cooling loop includes an XSPC Raystorm CPU waterblock, dual 120mm-fan radiator, Mayhems coolant and an EK-DCP 4.0 X-RES pump and reservoir.

Computer Planet Nvidia Battlebox Review Computer Planet Nvidia Battlebox Review
The specification is of course customisable so you could opt for entirely different hardware or choose to have the graphics cards water-cooled too, and while there’s no optical drive as standard, Computer Planet will offer potential buyers a slot-loading Blu-ray drive along with a modified front panel with a disc loading slot cut into it. There are two front USB 3.0 ports but something that’s amiss are audio minijacks.

Computer Planet Nvidia Battlebox Review Computer Planet Nvidia Battlebox Review
As Parvum Systems are able to create its cases from scratch using acrylic, there’s also the option to have the case made in different colours if green and black aren’t your thing, although we think it looks pretty awesome as it is. Despite being made of acrylic, the case is remarkably sturdy and solid-feeling with no hint of wobble, and the finishing is excellent.

Computer Planet Nvidia Battlebox Review Computer Planet Nvidia Battlebox Review


  • CPU Intel Core i7-4770K, overclocked to 4.4GHz
  • Motherboard Asus Maximus VI Gene
  • RAM 16GB Corsair Vengeance 1,600MHz
  • Graphics card 2 x Nvidia GeForce GTX 780 3GB in SLI with custom limited edition SLI bridge.
  • Case Parvum Systems custom micro-ATX case
  • Cooling XSPC Raystorm CPU waterblock, EK Fittings, dual 120mm-fan radiator and EK-DCP 4.0 X-RES pump, Mayhems coolant, BeQuiet Silent Wings fans
  • Storage 240GB Corsair LS SSD, Seagate Barracuda 7200rpm 2TB
  • PSU Corsair HX1000
  • Extras Pexon PC braided cables
  • Operating system Windows 7 64-bit
  • WarrantyTwo-year collect and return

Article source:

Article source:

Friday Poll: What would it take to get you to use Internet Explorer?

November 8th, 2013 No comments

Internet Explorer anime mascot

Microsoft’s semi-official anime mascot.


Microsoft’s Internet Explorer has a longtime image problem. Over the years, the browser has been criticized for being slow, bulky, and behind the times.

Firefox and Chrome rose up as stars and sent IE into the shadows. But Microsoft doesn’t give up easily, and the new IE 11 for Windows 7 is trying to leave the past behind and woo new users.

Microsoft says the latest IE incarnation is faster than the competition and a more secure choice due to its malware-blocking capabilities. The
Windows 8 version also sports touch support. There have still been some capability complaints from users, though, with some Web sites not displaying correctly.

To help with the whole image issue, the company even introduced Inori Aizawa, a hip young anime girl who is described as IE personified.

Inori comes with her own ugly-duckling backstory, a metaphor Microsoft hopes carries over to a new era of IE. Let’s pretend Microsoft is a
car salesman and Internet Explorer is on the showroom floor. The sales pitch could center around performance, features, or the lure of a robot-fighting mascot. Are you listening, or sticking your fingers in your ears?

What would it take to get you to use Internet Explorer? Vote in our poll and share your thoughts in the comments.

Article source:

Meet Microsoft’s new anime IE ‘it’ girl, Inori Aizawa

November 8th, 2013 No comments


Editors’ note: This is the first CNET article by Crave’s newest writer, geek celeb Bonnie Burton. A best-selling author of “The Star Wars Craft Book” and host of the Web show “Geek DIY,” Bonnie will be covering all manner of geek and sci-fi happenings. Got a story idea for Bonnie? Beam it her way!

What would it take to make Internet Explorer hip again? Could an anime heroine do it?

As it gears up for the launch of Internet Explorer 11 for Windows 7 on Thursday, Microsoft posted a new ad featuring Inori Aizawa, a feisty anime girl who battles robots with her trusty SmartScreen shield while wearing a Sailor Moon-esque outfit complete with the Windows logo on her skirt.

According to the Facebook page dedicated to Inori, she’s considered the personification of Internet Explorer.

Hey everyone! My name is Inori and you can think of me as a personification of Internet Explorer. When I was younger, I used to be a clumsy, slow, and awkward girl. However, just like the story of ugly duckling, people told me that I have really matured and changed over the years. I feel confident in my abilities now, and I’m eager to show you what I can do. Why don’t you get to know me a little better?

Inori’s design can be attributed to Collateral Damage Studios, which posted a blog in July explaining her origins. After artist and producer Danny Choo posted an image featuring human equivalents of the
Firefox, and Chrome browsers, the designers were inspired to create their own character worthy of IE’s transformation from a klutzy ugly duckling into an elegant superhero.

Clearly, Inori is no Clippy (the annoying office assistant attached to
Microsoft Office that just wouldn’t stop pestering anyone who attempted to write a letter in peace). She’s is a sassy girl who fights robots, dresses like a sexy otaku girl, and pets her cat while surfing the Net. She’s the kind of girl you want hanging around your computer. Inori isn’t an intelligent user interface, however. She’s just a girl standing in front of robots wanting to be loved.

Of course, no anime character is worth its weight in pixels without elaborate vital stats. Inori is 18 years old with an A-positive blood type. She loves mint ice cream and surfing the Internet, and dislikes bullies.

According to a Microsoft spokesperson, the anime character was created by Microsoft Singapore for the Anime Festival Asia (AFA) 2013. She is a part local marketing program for anime and Japanese popular-culture lovers at AFA 2013 and across Asia and does not represent an official mascot for Internet Explorer.

Regardless of Inori’s future official duties for Microsoft, she represents a shift in thinking about what IE’s image could become. Here’s hoping Inori’s story doesn’t end with this debut video below. If anyone could smack around Internet trolls in their place, it’s a girl who can destroy giant robots with a fling of the wrist.

Article source:

Microsoft releases emergency fix for TIFF flaw

November 6th, 2013 No comments

Microsoft releases emergency fix for TIFF flaw

Microsoft has warned of a zero-day vulnerability affecting Windows Vista and selected Office and Lync version, releasing an emergency ‘Fix It’ workaround.

Microsoft has released an out-of-cycle emergency workaround to plug a zero-day security vulnerability it says is being actively exploited by malware in the wild.

Typically, Microsoft limits its software update releases to the second Tuesday of each month – known as Patch Tuesday – both to give it time to thoroughly test the patches itself, and also to give system administrators a firm date on which they should set aside time to test and deploy the fixes. Occasionally, however, the company releases out-of-cycle patches in order to solve particularly nasty security flaws being actively exploited in-the-wild.

It’s one such flaw that has forced Microsoft’s hand this week. A vulnerability has been discovered in the way the Microsoft Graphics component – an integral part of Windows, Office, and Lync – handles tagged image file format (TIFF) data. By constructing a malicious TIFF, the company admits, an attacker can run arbitrary code – and malware has been spotted that does just that.

Hiding executable content in image files is the holy grail for malware writers: many security packages concentrate on known-executable content when scanning, in order to improve performance; as images are not usually executable, they are often skipped over and ignored – giving the malware a route into the system.

The flaw, Microsoft’s security advisory warns, can be triggered a number of ways: the TIFF and its malicious payload can be opened in an email client as an attachment or embedded image, as a file on a storage device or network location, or even simply rendered in the browser – making the vulnerability extremely useful for triggering drive-by downloads of malicious software.

Although there is no patch yet available, Microsoft has released a Fix It workaround. This disables the TIFF codec, preventing the Microsoft Graphics component from rendering any images in that format – a blow to usability, but a boon to security. When a formal patch is available, it will be released through Windows Update as an automatic update – at which point users who used the Fix It workaround can reverse the procedure to re-enable TIFF decoding.

While it’s a serious security flaw, there is mitigation: Microsoft’s latest software, including Windows 8.1, Windows 8, Windows 7, and all versions of Office 2013 are not affected. Confirmed as being vulnerable to the attack, meanwhile, are Windows Vista, Windows Server 2008, Office 2003, 2007, and 2010, and Lync 2010 plus client releases of Lync 2013.

A full analysis of the vulnerability, which Microsoft claims is being used in ‘very limited‘ attacks, can be found on the company’s TechNet site.

Article source:

Article source: