Background
Microsoft has warned the public that a Windows code-execution zero-day is under active exploitation. The vulnerability consists of two code-execution flaws that can be triggered by improper handling of maliciously crafted master fonts in the Adobe Type 1 PostScript format. Attackers can exploit them by convincing a target to open a specially crafted document or to view it in the Windows preview pane.
Impact
- Due to the vulnerability, attackers can execute malicious code even on fully updated systems
Targeted Version
- All Windows Servers
- Windows 7, 8 and 10 (depending on version)
Recommendation
- While waiting for the patch, Microsoft suggests that users of non-Windows 10 systems apply one or more of the following workarounds:
  - Disabling the Preview Pane and Details Pane in Windows Explorer
  - Disabling the WebClient service
  - Renaming ATMFD.DLL (on Windows 10 systems that have a file by that name) or, alternatively, disabling the file from the registry
- Update the operating system immediately once the patch is ready
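
A read-only audit of two of the workarounds above (the WebClient service state and the presence of ATMFD.DLL), as an added example that is not from Microsoft or the original advisory. The function names are hypothetical. It assumes PowerShell 3.0 or later and that ATMFD.DLL, where present, sits in the System32 or SysWOW64 directory; the pane settings and the registry option are not checked because the page gives no values for them.

```powershell
# Added example: read-only audit, changes nothing on the host.
# Function names are hypothetical; requires PowerShell 3.0+ (Get-CimInstance).
# Run from a 64-bit PowerShell session so System32 is not redirected.

function Get-WebClientWorkaround {
    # 'WebClient' is the service named in the workaround list.
    $svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='WebClient'"
    if (-not $svc) {
        # Service is not present on this host, so there is nothing to disable.
        return [pscustomobject]@{ Check = 'WebClient service'; State = 'NotInstalled'; Applied = $true }
    }
    # Applied only if the service cannot be started and is not running right now.
    $applied = ($svc.StartMode -eq 'Disabled') -and ($svc.State -ne 'Running')
    [pscustomobject]@{
        Check   = 'WebClient service'
        State   = "$($svc.StartMode)/$($svc.State)"
        Applied = $applied
    }
}

function Get-AtmfdWorkaround {
    # Assumption: ATMFD.DLL, where it exists, is in System32 (and SysWOW64 on 64-bit hosts).
    foreach ($name in 'System32', 'SysWOW64') {
        $dir = Join-Path $env:SystemRoot $name
        if (-not (Test-Path -LiteralPath $dir -PathType Container)) { continue }
        $present = Test-Path -LiteralPath (Join-Path $dir 'ATMFD.DLL') -PathType Leaf
        [pscustomobject]@{
            Check   = "ATMFD.DLL in $name"
            State   = if ($present) { 'Present' } else { 'Absent' }
            Applied = -not $present   # absent: renamed, or never shipped on this build
        }
    }
}

function Test-FontWorkarounds {
    $results = @(Get-WebClientWorkaround) + @(Get-AtmfdWorkaround)
    $results | Format-Table -AutoSize | Out-Host
    # $true only when every audited workaround is in place.
    return -not ($results | Where-Object { -not $_.Applied })
}

if (-not (Test-FontWorkarounds)) {
    Write-Warning 'At least one audited workaround is not applied on this host.'
}
```

Since the advisory asks for one or more workarounds, a `$false` result means at least one audited item is still open, not that the host is necessarily unprotected.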