Microsoft warns of RCE vulnerabilities

By Dylan Bushell-Embling
Tuesday, 31 March, 2020

Microsoft warns of RCE vulnerabilities

Microsoft has discovered two remote code execution vulnerabilities in unpatched versions of the Adobe Type Manager Library that are being actively exploited.

The company said it has become aware of targeted Windows 7-based attacks seeking to leverage the vulnerability to compromise target systems.

The two vulnerabilities involve the use of a specially crafted multimaster font that is improperly managed by unpatched versions of the library. The exploit can be triggered in multiple ways, including through the development of a malicious document to be opened or viewed in preview mode.

But possibility of remote code execution is negligible and elevation of privilege is not possible, Microsoft’s advisory states.

Microsoft said it is working on a fix that is likely to be released during the next Patch Tuesday. Due to Windows 7 being past its end-of-life date, the update will only be made available for businesses with Extended Support licences.

The threat is low for Windows 10 systems due to mitigations first put in place with the first version of the OS released in 2015, and the company is not aware of any attacks targeting Windows 10 systems using the vulnerability.

But the Australian Cyber Security Centre (ACSC) has urged businesses still running Windows 7 to implement Microsoft’s workarounds for the vulnerability.

These include disabling the preview and details panes of Windows Explorer, disabling the WebClient service and manually disabling the Adobe Type Manager Library registry key.

Image credit: © Thew

Related News

Malicious mobile apps doubled in last 12 months

There were 29,000 malicious mobile apps detected in 2020 Q1, up from 14,500 in the same quarter...

NAB using voice biometrics to verify customers

NAB has signed on 120,000 customers to its VoiceID biometrics authentication service since its...

New malware can steal data from air-gapped systems

ESET researchers have uncovered a new malware toolkit that appears to be designed to exfiltrate...

  • All content Copyright © 2020 Westwick-Farrow Pty Ltd