Remote code execution flaw exploits a vulnerability in a Microsoft graphics component, to target Microsoft Office users running Windows Vista and Windows Server 2008. Vulnerability was reported to Microsoft by McAfee Labs senior security researcher Haifei Li. Microsoft released a temporary ‘Fix it’ workaround that could block the attack by blocking rendering of the vulnerable TIFF graphic format by way of a registry key. The affected products are: Windows Vista x86, x64; Windows 7 and 8 and Office 2013 and Office 365 are not affected.
Source: https://thehackernews.com/2013/11/cve-2013-3906-zero-day-vulnerability-Microsoft-Graphics-Component.html