
Microsoft warns of a real zero-day vulnerability allowing malicious remote code execution in many versions of Windows

Microsoft has warned that attackers are already actively exploiting an unpatched Windows zero-day vulnerability on fully updated devices. The vulnerability affects devices running Windows 7, 8.1, and Windows 10 equally. "Microsoft has become aware of limited targeted attacks on Windows 7 that could exploit unpatched vulnerabilities in the Adobe Type Manager Library," the company said in a recent note.

Microsoft said that the two remote code execution vulnerabilities "exist in Microsoft Windows if the Windows Adobe Type Manager Library improperly handles a specially designed multi-master font – the Adobe Type 1 PostScript format." The Adobe Type Manager Library, which is the cause of the problem, is a system file that Adobe uses to manage and render fonts. Attackers can exploit this vulnerability in several ways, for example by persuading users to open specially crafted documents or to view them in the Windows preview pane.

Microsoft added that it was working on a fix. However, it seems that the company is not aiming for a particularly quick, unscheduled release of the fix, as Microsoft also mentioned that releasing security fixes on a regular basis every second Tuesday of the month ensures partner quality assurance and IT planning, "which contributes to maintaining the Windows ecosystem as a reliable, secure choice for our customers."

While Microsoft has classified the "Type 1 Font Parsing Remote Code Execution Vulnerability" itself as critical, it has also added a note that the threat to systems running Windows 10 is rather low "due to changes that have been made since the first version in 2015." Microsoft also added that it is not aware of any attacks against Windows 10. "The ability to run remote code is negligible and it is not possible to increase privileges," Microsoft said. "For systems running supported versions of Windows 10, a successful attack could only result in the execution of code within an AppContainer sandbox context with limited privileges and capabilities," the company added.

There are also workarounds, but Microsoft does not explicitly recommend that IT administrators running Windows 10 use them. These workarounds include disabling the preview pane and details pane in Windows Explorer and disabling the WebClient service.

The following versions of Windows 7, 8.1 and Windows 10 are affected (Microsoft list):

  • Windows 10 for 32-bit Systems and x64-based Systems
  • Windows 10 Version 1607 for 32-bit Systems and x64-based Systems
  • Windows 10 Version 1709 for 32-bit Systems, ARM64-based Systems, and x64-based Systems
  • Windows 10 Version 1803 for 32-bit Systems, ARM64-based Systems, and x64-based Systems
  • Windows 10 Version 1809 for 32-bit Systems, ARM64-based Systems, and x64-based Systems
  • Windows 10 Version 1903 for 32-bit Systems, ARM64-based Systems, and x64-based Systems
  • Windows 10 Version 1909 for 32-bit Systems, ARM64-based Systems, and x64-based Systems
  • Windows 7 for 32-bit Systems Service Pack 1
  • Windows 7 for x64-based Systems Service Pack 1
  • Windows 8.1 for 32-bit Systems and x64-based Systems
  • Windows RT 8.1
  • Windows Server 2008 for 32-bit Systems Service Pack 2 and Server Core installation
  • Windows Server 2008 for Itanium-Based Systems Service Pack 2
  • Windows Server 2008 for x64-based Systems Service Pack 2 and Server Core installation
  • Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1 and Server Core installation
  • Windows Server 2012 and Server Core installation
  • Windows Server 2012 R2 and Server Core installation
  • Windows Server 2016 and Server Core installation
  • Windows Server 2019 and Server Core installation


About the author

Igor Wallossek

Editor-in-chief and name-giver of igor'sLAB as the content successor of Tom's Hardware Germany, whose license was returned in June 2019 in order to better meet the qualitative demands of web content and challenges of new media such as YouTube with its own channel.

Computer nerd since 1983, audio freak since 1979 and pretty much open to anything with a plug or battery for over 50 years.
