LANDesk Patch News Bulletin: Microsoft Releases Security Advisory 2896666 to Address a Vulnerability in Microsoft Windows Vista and Windows Server 2008, Microsoft Office 2003 Through 2010, and all Supported Versions of Microsoft Lync 06-NOV-2013

Version 3

    LANDesk Security and Patch News



    • (November 06, 2013) Microsoft has released KB2896666: This KB is a Fixit solution that addresses a remote code execution vulnerability that exists in the way affected components handle specially crafted TIFF images. The following products could be vulnerable, Microsoft Windows, Microsoft Office, and Microsoft Lync. An attacker could exploit this vulnerability by convincing a user to preview or open a specially crafted email message, open a specially crafted file, or browse specially crafted web content. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The Fix it solution is not intended to be a replacement for any security update. Microsoft recommends that you always install the latest security updates. However, this Fix it solution is provided as a workaround option for some scenarios.
    • Please visit the following pages for more details:



    New Vulnerabilities

    • Vulnerability ID – 2896666_Enable_FixIt


    Changed Vulnerabilities

    • Vulnerability ID – N/A


    New Patch Downloads

    • microsoftfixit51004.msi


    Where to Send Feedback

    At LANDesk, we are constantly striving to improve our products and services and hope you find these changes reflective of our ongoing commitment to listen to you—our partners and customers—in providing the best possible solutions to meet your needs now and in the future.  Please continue to provide feedback by contacting our local support organization.


    Best regards,

    LANDesk Product Support


    Copyright © 2013 LANDesk Software.  All rights reserved. LANDesk is either a registered trademark or trademark of LANDesk Software, Ltd. or its affiliated entities in the United States and/or other countries. Other names or brands may be claimed as the property of others.


    Information in this document is provided for information purposes only.  The information presented here is subject to change without notice.  This information is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including any implied warranties and conditions of merchantability or fitness for a particular purpose. LANDesk disclaims any liability with respect to this document and LANDesk has no responsibility or liability for any third party products of any content contained on any site referenced herein.  This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission. For the most current product information, please visit