Windows Font Parsing Zero Days Get Temporary Fix


Level 16
May 4, 2019
Until Microsoft releases a patch for two critical vulnerabilities affecting the font parsing component in all supported versions of Windows, some users can apply temporary protection in the form of a micropatch that prevents exploitation.

The two flaws affect the Adobe Type Manager Library (maintained by Microsoft) and are in the ATMFD.DLL font driver that processes Adobe Type 1 PostScript and OpenType fonts.

Leveraging them on systems earlier than Windows 10 can lead to remote code execution with elevated privileges. Microsoft is aware of threat actors exploiting them in targeted attacks on older versions of the operating system.


Level 30
Content Creator
May 13, 2017
Disable the WebClient service.
So much for people, who often ask: What is the point of disabling services? Over the years, virtually all windows services were vulnerable, at least once. Disabling services you never use, acts preemptively, even against unknown. And MS usually suggests workarounds, since fixes take months.