Hackers expose yet another Windows 10 vulnerability
A patch could take weeks to arrive
Microsoft has just announced hackers have exposed a flaw in Windows 10 and are exploiting it with a new hack. Making matters worse, there is still no patch to prevent hackers from getting to you.
According to Microsoft’s advisory, these are “targeted attacks that could leverage un-patched vulnerabilities in the Adobe Type Manager Library.”
This Windows hack exposes remote code execution vulnerabilities when the “Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format”
The hack isn’t overly robust, as it only needs a user to open a document containing malware or view in the Windows preview pane. A hacker could easily accomplish this through a simple phishing email.
There may be a bit of a delay in releasing a patch to fix the issue, as Microsoft generally releases updates on the second Tuesday of each month. It can make out-of-band releases for major security issues, but this limited attack will likely be one that Microsoft will let ride until the next update Tuesday.
Until then, Microsoft has released a few workarounds to mitigate the vulnerability. You can find those at the bottom of the advisory page.
We’ll update you is Microsoft decides to release an off-band update before update Tuesday rolls around.
Humility in AI: Building trustworthy and ethical AI systems
How humble AI can help safeguard your businessDownload now
Future of video conferencing
Optimising video conferencing features to achieve business goalsDownload now
Leadership compass: Privileged Access Management
Securing privileged accounts in a high-risk environmentDownload now
Why you need to include the cloud in your disaster recovery plan
Preserving data for business successDownload now