- May 4, 2019
- 801
Until Microsoft releases a patch for two critical vulnerabilities affecting the font parsing component in all supported versions of Windows, some users can apply temporary protection in the form of a micropatch that prevents exploitation.
The two flaws affect the Adobe Type Manager Library (maintained by Microsoft) and are in the ATMFD.DLL font driver that processes Adobe Type 1 PostScript and OpenType fonts.
Leveraging them on systems earlier than Windows 10 can lead to remote code execution with elevated privileges. Microsoft is aware of threat actors exploiting them in targeted attacks on older versions of the operating system.
Actively Exploited Windows Font Parsing Bugs Get Temporary Fix
Until Microsoft releases a patch for two critical vulnerabilities affecting the font parsing component in all supported versions of Windows, some users can apply temporary protection in the form of a micropatch that prevents exploitation.
www.bleepingcomputer.com