Microsoft Windows document vulnerability has no fix

Cybersecurity Insiders

Microsoft has issued an official warning that the recently discovered font vulnerability has no fix as of now and users need to wait till April 14th, 2020 i.e. the next patch Tuesday.

Going by the details, a group of security researchers has found that hackers are exploiting a vulnerability in Windows handling and rendering fonts. They confirm that the flaw might help them deliver malicious documents- spreading malware such as ransomware.

Currently, it’s still unclear how many systems are impacted by this flaw. But the OS offering giant has clarified that the susceptibility will hit Windows 10, Windows 8.1, Windows RT 8.1, Windows Server 2019, Win Server 2016 and 2012 R2 and 2008 along with Windows 7.

A security advisory posted on the website of the technology giant says that the vulnerability is similar to that of an unpatched version of Adobe Type Manager Library which is used to handle a specially crafted multi-master font.

Microsoft says that hackers can target a PC by asking the user to open a specially crafted document or view it in a Windows preview pane.

For those using the Win 7 operating system, the flaw is reported to be extremely ‘critical’ as the support for the operating system has been withdrawn from Jan 2020.

Full article