Red Security

Red Security > General > News > Microsoft Alerts Users Of Zero-Day RCE Vulnerability In Windows 7 Under Active Exploi
Full Version: Microsoft Alerts Users Of Zero-Day RCE Vulnerability In Windows 7 Under Active Exploi
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

Mr.Kurd

03-26-2020, 09:03 AM
In The Name OF Allah
Al-Salam Alekum

[Image: Microsoft-fixed-800x445.jpg]

Why I feel that Microsoft doing this attack itself????? to get rid of Win7 users at least.

Quote:Reportedly, Microsoft has issued an alert for all users regarding a vulnerability that ships with the Windows operating system. The bug exists in Adobe Type Manager Library (atmfd.dll) which facilitates rendering PostScript Type 1 fonts inside the OS.


What’s troublesome is that before catching the attention of the vendors for a fix, it attracted hackers. Hence, this vulnerability is now under active exploitation. Microsoft have noted the exploitation of this zero-day vulnerability against Windows 7.

Two remote code execution vulnerabilities exist in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font – Adobe Type 1 PostScript format.

There are multiple ways an attacker could exploit the vulnerability, such as convincing a user to open a specially crafted document or viewing it in the Windows Preview pane.



The Source
Wa Salam Alekum
Red Security > General > News > Microsoft Alerts Users Of Zero-Day RCE Vulnerability In Windows 7 Under Active Exploi