Hackers expose yet another Windows 10 vulnerability

A patch could take weeks to arrive

Microsoft has just announced hackers have exposed a flaw in Windows 10 and are exploiting it with a new hack. Making matters worse, there is still no patch to prevent hackers from getting to you.

According to Microsoft’s advisory, these are “targeted attacks that could leverage un-patched vulnerabilities in the Adobe Type Manager Library.”

This Windows hack exposes remote code execution vulnerabilities when the “Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format”

The hack isn’t overly robust, as it only needs a user to open a document containing malware or view in the Windows preview pane. A hacker could easily accomplish this through a simple phishing email.

There may be a bit of a delay in releasing a patch to fix the issue, as Microsoft generally releases updates on the second Tuesday of each month. It can make out-of-band releases for major security issues, but this limited attack will likely be one that Microsoft will let ride until the next update Tuesday.

Until then, Microsoft has released a few workarounds to mitigate the vulnerability. You can find those at the bottom of the advisory page.

We’ll update you is Microsoft decides to release an off-band update before update Tuesday rolls around.

Featured Resources

Virtual desktops and apps for dummies

An easy guide to virtual desktop infrastructure, end-user computing, and more

Download now

The total economic impact of optimising and managing your hybrid multi-cloud

Cost savings and business benefits of accelerating the cloud journey

Download now

A buyer’s guide for cloud-based phone solutions

Finding the right phone system for your modern business

Download now

What’s next for the education sector?

A new learning experience

Download now

Recommended

New report highlights the need for diversity in cyber security recruitment
cyber security

New report highlights the need for diversity in cyber security recruitment

28 Apr 2021

Most Popular

KPMG offers staff 'four-day fortnight' in hybrid work plans
flexible working

KPMG offers staff 'four-day fortnight' in hybrid work plans

6 May 2021
Hackers use open source Microsoft dev platform to deliver trojans
Security

Hackers use open source Microsoft dev platform to deliver trojans

14 May 2021
How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

30 Apr 2021