24 March 2020

Hackers actively target two unpatched RCE-vulnerabilities in Windows



Microsoft has released an alert warning of targeted attacks actively exploiting two zero-day remote code execution (RCE) vulnerabilities affecting the Windows Adobe Type Manager Library. The flaws impact all supported versions of Windows, as well as Windows 7, which reached end of life in January this year.

“Microsoft is aware of limited targeted attacks that could leverage un-patched vulnerabilities in the Adobe Type Manager Library, and is providing the following guidance to help reduce customer risk until the security update is released”, the tech giant says.

According to Microsoft, the two RCE flaws exist because of the way the Windows Adobe Type Manager Library handles a specially crafted multi-master font in the Adobe Type 1 PostScript format. The vulnerabilities could be exploited by tricking a user into opening a specially crafted document or viewing it in the Windows Preview pane.

Rated as ‘Critical’, the vulnerabilities affect devices running desktop and server Windows versions, including Windows 10, Windows 8.1, Windows 7, and multiple versions of Windows Server.

“For systems running supported versions of Windows 10 a successful attack could only result in code execution within an AppContainer sandbox context with limited privileges and capabilities,” the company says.

Currently, Microsoft is working on a patch to address the issues. As the company noted, updates to address security vulnerabilities are usually released as part of Update Tuesday, typically scheduled for the second Tuesday of every month. This means, in theory, the next monthly batch of security updates is scheduled for April 14th.

Meanwhile, the Redmond company has provided a temporary workaround to reduce the risk of attacks exploiting the above-mentioned flaws. The company recommends disabling the Preview Pane and Details Pane in Windows Explorer to prevent the automatic display of OTF fonts.
