Security News > 2020 > March > It's 2020 and hackers are still hijacking Windows PCs by exploiting font parser security holes. No patch, either
Hackers are commandeering victims' Windows PCs by exploiting at least one remote-code-execution flaw in the Adobe Type Manager Library included with the Microsoft operating system.
Redmond today warned of two flaws, not yet assigned CVE numbers, present in the font parser - and at least one has been exploited in a "Limited number of attacks" to hijack vulnerable computers.
The only way to prevent trivial automatic exploitation is to disable the preview and details panes in Windows Explorer, though that will not kill off the bugs entirely unless you disable the library.
When the victim's PC tries to view the file, either in an application or in a preview pane, the operating system passes the embedded font, in Adobe Type 1 PostScript format, to the Adobe Type Manager Library, which mishandles the corrupt data and causes arbitrary code smuggled within the font to execute.
One mitigation is to disable the Windows Explorer Preview Pane and Details Pane.
News URL
https://go.theregister.co.uk/feed/www.theregister.co.uk/2020/03/23/microsoft_issues_red_alert/
Related news
- Windows driver zero-day exploited by Lazarus hackers to install rootkit (source)
- 0-day in Windows driver exploited by North Korean hackers to deliver rootkit (CVE-2024-38193) (source)
- August Windows security update breaks dual boot on Linux systems (source)
- Hackers use PHP exploit to backdoor Windows systems with new malware (source)
- Fortra Issues Patch for High-Risk FileCatalyst Workflow Security Vulnerability (source)
- Week in review: Vulnerability allows Yubico security keys cloning, Patch Tuesday forecast (source)
- Windows 10 KB5043064 update released with 6 fixes, security updates (source)
- About that Windows Installer 'make me admin' security hole. Here's how it's exploited (source)
- Windows Server 2025 previews security updates without restarts (source)
- Windows 10 KB5044273 update released with 9 fixes, security updates (source)