Security News > 2015 > July > Microsoft plugs another Windows zero-day with emergency patch (Help Net Security)
2015-07-21 09:23
Microsoft has released an emergency update that plugs a critical zero-day vulnerability (CVE-2015-2426) that affects all supported versions of Windows and could allow attackers to remotely execute cod...
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/1RKd4nWpsC0/secworld.php
Related news
- New Windows zero-day leaks NTLM hashes, gets unofficial patch (source)
- April 2025 Patch Tuesday forecast: More AI security introduced by Microsoft (source)
- Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws (source)
- Microsoft: Windows CLFS zero-day exploited by ransomware gang (source)
- Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824) (source)
- Patch Tuesday: Microsoft Fixes 134 Vulnerabilities, Including 1 Zero-Day (source)
- Microsoft: Windows 'inetpub' folder created by security fix, don’t delete (source)
- Microsoft pitches pay-to-patch reboot reduction subscription for Windows Server 2025 (source)
- Microsoft May 2025 Patch Tuesday fixes 5 exploited zero-days, 72 flaws (source)
- New Windows zero-day exploited by 11 state hacking groups since 2017 (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-07-20 | CVE-2015-2426 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products Buffer underflow in atmfd.dll in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted OpenType font, aka "OpenType Font Driver Vulnerability." | 0.0 |