Security News > 2015 > July > Microsoft plugs another Windows zero-day with emergency patch (Help Net Security)
2015-07-21 09:23
Microsoft has released an emergency update that plugs a critical zero-day vulnerability (CVE-2015-2426) that affects all supported versions of Windows and could allow attackers to remotely execute cod...
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/1RKd4nWpsC0/secworld.php
Related news
- Patch Tuesday: Microsoft Fixes 57 Security Flaws – Including Active Zero-Days (source)
- Microsoft March 2025 Patch Tuesday fixes 7 zero-days, 57 flaws (source)
- URGENT: Microsoft Patches 57 Security Flaws, Including 6 Actively Exploited Zero-Days (source)
- Microsoft patches Windows Kernel zero-day exploited since 2023 (source)
- New Windows zero-day leaks NTLM hashes, gets unofficial patch (source)
- April 2025 Patch Tuesday forecast: More AI security introduced by Microsoft (source)
- Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws (source)
- Microsoft: Windows CLFS zero-day exploited by ransomware gang (source)
- Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824) (source)
- Patch Tuesday: Microsoft Fixes 134 Vulnerabilities, Including 1 Zero-Day (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-07-20 | CVE-2015-2426 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products Buffer underflow in atmfd.dll in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted OpenType font, aka "OpenType Font Driver Vulnerability." | 0.0 |