Microsoft Warns This Windows Zero-Day Security Vulnerability Is Being Actively Exploited

Windows 10
Microsoft has issued a security advisory warning users that hackers are known to be exploiting a zero-day vulnerability affecting most versions of Windows, including Windows 10, Windows 8/8.1, Windows 7, and Windows Server 2008-2019. The vulnerability, labeled as Critical, as not yet been patched by Microsoft's engineers.

What that essentially means is even if your PC is fully patched, you are still vulnerable to this exploit. The exploit exists within the Adobe Type Manager Library, which deals with the way Windows manages and renders fonts.

"Two remote code execution vulnerabilities exist in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format. There are multiple ways an attacker could exploit the vulnerability, such as convincing a user to open a specially crafted document or viewing it in the Windows Preview pane," Microsoft explains.

Microsoft says it is aware of limited targeted attacks in the wild that leverage the flaw.  It is not clear how successful those attempts have been, though as it applies to Windows 10, Microsoft said a successful attack can only result in code execution within an AppContainer sandbox context with limited privileges and capabilities.

While no patch available, Microsoft outlined a handful of workarounds. They boil down to the following...
  • Disable the Preview Pane and Details Pane in Windows Explorer
  • Disable the WebClient service
  • Rename ATMFD.DLL or disable it in the Registry
You can hit the link in the Via field below for detailed instructions on how to carry those out, as well as potential impacts from doing so. Otherwise, hang tight until the next Patch Tuesday update, which will be doled out on April 14 (the second Tuesday of next month).

Show comments blog comments powered by Disqus