Hackers expose yet another Windows 10 vulnerability

A patch could take weeks to arrive

Microsoft has just announced hackers have exposed a flaw in Windows 10 and are exploiting it with a new hack. Making matters worse, there is still no patch to prevent hackers from getting to you.

According to Microsoft’s advisory, these are “targeted attacks that could leverage un-patched vulnerabilities in the Adobe Type Manager Library.”

Advertisement - Article continues below

This Windows hack exposes remote code execution vulnerabilities when the “Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format”

The hack isn’t overly robust, as it only needs a user to open a document containing malware or view in the Windows preview pane. A hacker could easily accomplish this through a simple phishing email.

There may be a bit of a delay in releasing a patch to fix the issue, as Microsoft generally releases updates on the second Tuesday of each month. It can make out-of-band releases for major security issues, but this limited attack will likely be one that Microsoft will let ride until the next update Tuesday.

Until then, Microsoft has released a few workarounds to mitigate the vulnerability. You can find those at the bottom of the advisory page.

We’ll update you is Microsoft decides to release an off-band update before update Tuesday rolls around.

Featured Resources

The case for a marketing content hub

Transform your digital marketing to deliver customer expectations

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

IT faces new security challenges in the wake of COVID-19

Beat the crisis by learning how to secure your network

Download now
Advertisement

Most Popular

Visit/operating-systems/ios/355935/apple-confirms-serious-bugs-in-ios-135
iOS

Apple confirms serious bugs in iOS 13.5

4 Jun 2020
Visit/mobile/5g/355911/the-uk-pivots-to-japan-for-5g-equipment
5G

The UK looks to Japan and South Korea for 5G equipment

4 Jun 2020
Visit/security/ransomware/355945/new-ransomware-uses-java-to-target-software-organisations
ransomware

Tycoon ransomware discovered using Java image files to target software firms

5 Jun 2020