Dismiss this notice
Kryptel Enterprise Valentines 2020 Giveaway - https://www.geeks.fyi/showthread.php?tid=10090

Dismiss this notice
Revo Uninstaller Pro 4 Valentines 2020 Giveaway - https://www.geeks.fyi/showthread.php?tid=10091

Dismiss this notice
FastPCTools Fast Video Downloader Giveaway - https://www.geeks.fyi/showthread.php?tid=9741

Dismiss this notice
AirVPN MakeUSLaugh 2020 Giveaway - https://www.geeks.fyi/showthread.php?tid=10093

Dismiss this notice
Driver Easy Professional Valentines 2020 Giveaway - https://www.geeks.fyi/showthread.php?tid=10094

Dismiss this notice
AIDA64 Extreme Valentines 2020 Giveaway - https://www.geeks.fyi/showthread.php?tid=10126

Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Zero-day vulnerabilities in Adobe Type Manager Library affects multiple Windows OSs
#1
Exclamation 
Quote:
[Image: windows-adobe-type-manager-vulnerability-featured.jpg]

Microsoft has posted a security advisory about vulnerabilities in Adobe Type Manager Library, which are already being exploited by cybercriminals.

Microsoft has issued a warning about two new vulnerabilities in the Adobe Type Manager Library. Moreover, according to their information, some attackers are already exploiting them in targeted attacks.

What is Adobe Type Manager Library and how is it vulnerable

There were times when, to see proprietary Adobe fonts in Windows, you had to install additional software — Adobe Type Manager. This was not very convenient for the end users, so Adobe eventually opened the specifications for its formats and Microsoft built the font support into its operating systems. This is what Windows Adobe Type Manager Library is used for.

According to Microsoft, the problem is in how the library handles fonts of one particular format — Adobe Type 1 PostScript fonts. An attacker can craft a Type 1 PostScript font in such a way, that they gain the ability to execute arbitrary code on a Windows machine. There are several attack vectors to exploit the vulnerability — attackers can somehow convince the victim to open a malicious document or simply to view it through the “Preview Pane” (this refers to the system pane, and not to a similar function in the Microsoft Outlook mail client).

Attackers also can exploit this vulnerability through an extension to the HTTP called Web Distributed Authoring and Versioning (WebDAV), which allows users to collaborate on a document.

Microsoft suggests disabling the WebClient service, which allows you to use this feature, and stresses that this is the most likely remote attack vector.

Which systems are vulnerable

The vulnerability is present in 40 different versions of the operating systems Windows 10, Windows 7, Windows 8.1, Windows Server 2008, Windows Server 2012, Windows Server 2016 and Windows Server 2019. Microsoft security advisory ADV200006 contains a full list of vulnerable systems.

However, the company explains that in supported versions of Windows 10 a successful attack will only allow malicious code to be executed in the context of the AppContainer sandbox with limited privileges and capabilities.

Is there a patch?

As of the time of publishing this post, the vulnerability in Adobe Type Manager Library was not patched by Microsoft. However, Microsoft plans to release a patch on the next Patch Tuesday, which is April 14th. As soon as this happens, we will update the post.

What to do

From our side, we suggest using a reliable security solution to protect e-mail (since this is the most common method of delivering malicious documents) and also have a protective endpoint solution that can stop malicious activity including exploits. Both tasks can be handled by Kaspersky Endpoint Security for Business advanced. It goes without saying that it’s better not to open documents and e-mail attachments if you are not sure where they came from.

As there are no patches yet, so Microsoft suggests using the following workarounds.

* Turn off the preview and detail panes.
* Turn off Webclient service (which will disable WebDAV).
* Disable ATMFD.DLL library

You can find detailed instructions on how to do all three of these in Microsoft’s security guidance. It’s worth noting that disabling the Webclient service will result in WebDAV requests not being handled and applications relying on WebDAV will not be working correctly. The same is true for disabling ATMFD.DLL — applications that use it will not be working correctly in this case.
...
Continue Reading
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username:


Password:





[-]
Recent Posts
Cloudflare launches 1.1.1.1 For Families...
Cloudflare launche...Toligo — 21:29
Brave Browser Updates
Brave Stable v1.5....silversurfer — 20:23
Vivaldi Browser Updates
Vivaldi Stable 2.11...silversurfer — 20:19
Twitter discloses Firefox bug that cache...
Social networking g...silversurfer — 20:07
Emerging MakeFrame Skimmer from Magecart...
Researchers have o...silversurfer — 18:37

[-]
Birthdays
Today's Birthdays
avatar (42)cticigges
avatar (44)ecoFit
avatar (38)soccejeS
Upcoming Birthdays
avatar (39)wapedDow
avatar (43)oapedDow
avatar (36)Sanchowogy
avatar (40)MeighGoask
avatar (41)creatralGuelm
avatar (32)procnipsut
avatar (38)accenwibly
avatar (35)ahyvily
avatar (32)urumahiz
avatar (38)techlignub
avatar (37)Stevenmam
avatar (44)onlinbah
avatar (44)fuspeukChark
avatar (38)werriewWaiNg
avatar (32)Freemanleo
avatar (37)cdoubapKit
avatar (32)lystraPonia
avatar (45)steakelask
avatar (39)Termoplenka
avatar (37)bycoPaist
avatar (43)pieloKat
avatar (37)ilyagNeexy
avatar (45)donitascene
avatar (45)burntLaw
avatar (35)MrDoorsskibheeds
avatar (45)Toligo
avatar (40)Rodneykak
avatar (43)tradeSmode
avatar (33)vemedProkbior
avatar (32)RobertUtelt
avatar (40)JamesZic
avatar (37)Sanfordbup
avatar (32)Der.Reisende

[-]
Online Staff
There are no staff members currently online.

>