Microsoft has issued an official warning that the recently discovered font vulnerability has no fix as of now and users need to wait till April 14th, 2020 i.e. the next patch Tuesday.
Going by the details, a group of security researchers has found that hackers are exploiting a vulnerability in Windows handling and rendering fonts. They confirm that the flaw might help them deliver malicious documents- spreading malware such as ransomware.
Currently, it’s still unclear how many systems are impacted by this flaw. But the OS offering giant has clarified that the susceptibility will hit Windows 10, Windows 8.1, Windows RT 8.1, Windows Server 2019, Win Server 2016 and 2012 R2 and 2008 along with Windows 7.
A security advisory posted on the website of the technology giant says that the vulnerability is similar to that of an unpatched version of Adobe Type Manager Library which is used to handle a specially crafted multi-master font.
Microsoft says that hackers can target a PC by asking the user to open a specially crafted document or view it in a Windows preview pane.
For those using the Win 7 operating system, the flaw is reported to be extremely ‘critical’ as the support for the operating system has been withdrawn from Jan 2020.
Note– Windows 7 is an operating system produced by Microsoft on July 22nd, 2009 and the mainstream support for the said OS was withdrawn on Jan 13th, 2015 while the extended support ended on January 14th, 2020.
The post Microsoft Windows document vulnerability has no fix appeared first on Cybersecurity Insiders.
March 25, 2020 at 11:22AM
0 comments:
Post a Comment