Windows Code-Execution Zeroday is Under Active Exploit, Microsoft Warns

upstart writes in with an IRC submission for SoyCow9451:

Windows code-execution zeroday is under active exploit, Microsoft warns:

Attackers are actively exploiting a Windows zero-day vulnerability that can execute malicious code on fully updated systems, Microsoft warned on Monday.

The font-parsing remote code-execution vulnerability is being used in "limited targeted attacks," the software maker said in an advisory published on Monday morning. The security flaw exists in the Adobe Type Manager Library, a Windows DLL file that a wide variety of apps use to manage and render fonts available from Adobe Systems. The vulnerability consists of two code-execution flaws that can be triggered by the improper handling of maliciously crafted master fonts in the Adobe Type 1 Postscript format. Attackers can exploit them by convincing a target to open a booby-trapped document or viewing it in the Windows preview pane.

"Microsoft is aware of limited, targeted attacks that attempt to leverage this vulnerability," Monday's advisory warned. Elsewhere the advisory said: "For systems running supported versions of Windows 10 a successful attack could only result in code execution within an AppContainer sandbox context with limited privileges and capabilities."

Until a patch becomes available, Microsoft is suggesting users use one or more of the following workarounds:

• Disabling the Preview Pane and Details Pane in Windows Explorer
• Disabling the WebClient service
• Rename ATMFD.DLL, or alternatively, disable the file from the registry

Read more of this story at SoylentNews.