Security News > 2020 > March > Unofficial Patches Released for Exploited Windows Font Processing Flaws
ACROS Security's 0patch service has developed unofficial patches for two actively exploited Windows vulnerabilities for which Microsoft has yet to release fixes.
Hackers can exploit the flaws by convincing users to open specially crafted documents or viewing them in the Windows preview pane.
The security holes impact Windows 10, 7, 8.1, Server 2008, Server 2012, Server 2016, Server 2019, and Server, but Windows 10 includes mitigations that significantly lower the risk of attacks.
Windows 7 will also be patched, but the fixes will only be made available by Microsoft to customers with an Extended Security Update license.
0patch has developed fixes for Windows 7 and Windows Server 2008 R2 without ESU. Unofficial patches will also be created for Windows 7 and Server 2008 R2 with ESU, Windows 8.1, and Windows Server 2012.