+- Red Security (https://redsecurity.info/cc)
+-- Forum: General (https://redsecurity.info/cc/forumdisplay.php?fid=1)
+--- Forum: News (https://redsecurity.info/cc/forumdisplay.php?fid=4)
+--- Thread: News Hackers Exploiting 2 Unpatched Windows 0-Day Vulnerabilities in Wide – Microsoft Warn (/showthread.php?tid=1444)
Hackers Exploiting 2 Unpatched Windows 0-Day Vulnerabilities in Wide – Microsoft Warn - Mr.Kurd - 03-24-2020
In The Name OF Allah
Al-Salam Alekum
![[Image: microsoft-windows-flaw-lets-hackers-use-...41.640.jpg]](https://sm.pcmag.com/t/pcmag_in/news/m/microsoft-/microsoft-windows-flaw-lets-hackers-use-fonts-to-create-boob_6y41.640.jpg)
Looks like we need to update our Windows 10 OS again and again until we die finally -.-!
Quote:Microsoft issued a security warning for two unpatched critical windows 0-day vulnerabilities and the attackers currently exploiting in wide by executing arbitrary code remotely.
2 Vulnerabilities are uncovered in the Adobe Type Manager Library that affects all versions of Windows, and there is no patch available at this moment.
“Two Windows 0-day remote code execution vulnerabilities exist in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font – Adobe Type 1 PostScript format,” Microsoft says.
The vulnerability described by Microsoft as “Type 1 Font Parsing Remote Code Execution Vulnerability” and the hackers attempting to exploiting these vulnerabilities in multiple ways.
Attackers compromising a user to open a specially crafted document or viewing it in the Windows Preview pane to exploit these Windows 0-day vulnerabilities.
Microsoft also clarifies that the vulnerabilities are used for limited targeted attacks that could leverage unpatched vulnerabilities in the Adobe Type Manager Library.
The Source
Wa Salam Alekum