It seems that this is a banner year for viruses, malware, and Internet security issues in general.

Last week I was writing about the CyrptoLocker malware invasion (CLICK HERE to read that article), but now it’s a new week and I’m writing about a security issue with the Microsoft Graphics Component.

Will it even end?  (quick answer… NO!)

About the Vulnerability

GooberHere’s the deal…  On November 5th, Microsoft published a Security Advisory saying that there was a newly found vulnerability in what’s called the Microsoft Graphics Component.  This component is part of certain Microsoft programs (I’ll tell you about in a moment) and among other things, is responsible for handing certain types of images, including TIFF files.

In this case, the programming flaw allows the “bad folks” to create malicious TIFF image files that can be used to give them the rights to access your computer.

Infection happens when the bad folks somehow entice you into opening a specially created email message, browse a special web page, or open a special attachment that includes this bogus type of TIFF file.


But the good news is, only certain Microsoft programs are affected.  Here are the most important of those:

  • Windows Vista (SP2)
  • Microsoft Office 2003 (SP3)
  • Microsoft Office 2007 (SP3)
  • Microsoft Office 2010 (SP1 and SP2)

The programs that are NOT affected include Windows XP, Windows 7, Windows 8 and 8.1, and Office 2013.

What To Do

First of all, as is the case to protect yourself from ANY type of malware, do NOT open messages or attachments from someone you don’t know. Just delete them and move on with your life.

Next week is “patch Tuesday” day, which is when Microsoft does their monthly update of Windows and Office, typically addressing any flaws or security problems that were encountered the month before.  Most experts assume that Microsoft will fix the problem with the Graphics Component on that day.

But until then, if you have one of the compromisable programs, you can visit a special Microsoft Support page and follow the directions to “fix” the security problem.  CLICK HERE to visit that page on the Microsoft web site.

Going On from Here

As you probably already know, I’ve written a lot of articles about staying safe on the Internet. If you’d like to see them, here’s a link to the “master list”…  CLICK HERE to see all my articles on Staying Safe Online

Staying Safe on the InternetI also have a book called Staying Safe on the Internet that you can CLICK HERE to read more about.

And in case you’ve missed this list from other articles I’ve written, here are my 6 ways to keep yourself safe as you use the Internet:

  1. Make sure your Anti-virus program is up to date and that the virus definitions are getting updated.
  2. Make sure your Windows updates are happening, since they often contain security fixes.
  3. Make sure common programs you use on the Internet (Adobe Flash Player, Adobe Reader, Java) are updated. And frankly, as I’ve mentioned in other articles, just completely uninstall Java if you aren’t using it.
  4. Avoid opening any email attachment you weren’t expecting.
  5. Don’t fall for any phishing emails (i.e. emails that look like they are from legitimate companies asking you to open an attachment)
  6. Make regular backups that you store away from your computer.

Sorry to hit you with all this yet again, but I guess that’s just the new world we live in!

As always, I’d love to hear about your own personal experiences with Internet safety!  Please leave a comment below…

And Please Stay Safe!!!

FREE eNewsletter Subscription
Wondering who you can trust when it comes to computer technology? Need answers that aren’t full of techno babble? Sign up for the FREE DiscoverSkills eNewsletter