Microsoft on Monday said that it had discovered a new vulnerability in Windows 10 and other versions of the operating system that has already resulted in “limited, targeted attacks.” As of now, there is no patch for this vulnerability to fix it, though Microsoft ranks it as a “critical” flaw.
In this flaw, if a hacker becomes successful in pulling an attack, they could theoretically remotely run code or malware on the victim’s device. As reported by Microsoft, this flaw involves the Adobe Type Manager Library, which helps Windows render fonts.
“There are multiple ways an attacker could exploit the vulnerability, such as convincing a user to open a specially crafted document or viewing it in the Windows Preview pane,” according to Microsoft. The vulnerability has a severity level of “critical,” which is the company’s highest rating.
As mentioned above, currently, there is no patch for this vulnerability. However, Microsoft’s advisory said that the company would be releasing a patch to this vulnerability as a part of the Tuesday’s update. Most probably, Tuesday Update are scheduled for the second Tuesday of every month. That means, in theory, the next update Tuesday is scheduled for April 14th.
Meanwhile, the company recommended several steps to mitigate the vulnerability. One of the essential steps for users is, they can disable preview and Details panes in Windows Explorer, disable the WebClient service, or rename a DLL file found in versions before Windows 10 1709. Last but not least, don’t download or open a document from an untrusted source.
For the latest tech news and updates, Install TechCodex App and follow us on Google News, Facebook, and Twitter. Also, if you like our efforts, consider sharing this story with your friends, this will encourage us to bring more exciting updates for you.