
SoylentNews is people

posted by martyb on Wednesday March 25 2020, @03:07AM
from the Bummer-of-a-birthmark,-Hal dept.

Windows code-execution zeroday is under active exploit, Microsoft warns:

Attackers are actively exploiting a Windows zero-day vulnerability that can execute malicious code on fully updated systems, Microsoft warned on Monday.

The font-parsing remote code-execution vulnerability is being used in "limited targeted attacks," the software maker said in an advisory published on Monday morning. The security flaw exists in the Adobe Type Manager Library, a Windows DLL file that a wide variety of apps use to manage and render fonts available from Adobe Systems. The vulnerability consists of two code-execution flaws that can be triggered by the improper handling of maliciously crafted master fonts in the Adobe Type 1 Postscript format. Attackers can exploit them by convincing a target to open a booby-trapped document or view it in the Windows preview pane.

"Microsoft is aware of limited, targeted attacks that attempt to leverage this vulnerability," Monday's advisory warned. Elsewhere the advisory said: "For systems running supported versions of Windows 10 a successful attack could only result in code execution within an AppContainer sandbox context with limited privileges and capabilities."

Until a patch becomes available, Microsoft is suggesting users use one or more of the following workarounds:

  • Disabling the Preview Pane and Details Pane in Windows Explorer
  • Disabling the WebClient service
  • Renaming ATMFD.DLL or, alternatively, disabling the file from the registry

[...] Monday's advisory provides detailed instructions for both turning on and turning off all three workarounds. Enhanced Security Configuration, which is on by default on Windows Servers, doesn't mitigate the vulnerability, the advisory added.

[...] The phrase "limited targeted attacks" is frequently shorthand for exploits carried out by hackers carrying out espionage operations on behalf of governments. These types of attacks are usually limited to a small number of targets—in some cases, fewer than a dozen—who work in a specific environment that's of interest to the government sponsoring the hackers.
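
Two of the workarounds listed above (the WebClient service and the ATMFD.DLL rename) can be checked per host from PowerShell. The following is an added example, not part of the article or of Microsoft's advisory; the function name is hypothetical, and the assumption that ATMFD.DLL, where present, sits in the Windows system directories is not stated on this page. The Preview Pane and registry workarounds are not covered.

```powershell
# Added example: report whether two of the listed workarounds are in place.
# Assumption (not from the page): ATMFD.DLL, if present, is located in the
# System32 / SysWOW64 directories under %windir%.
function Get-FontWorkaroundStatus {
    [CmdletBinding()]
    param()

    # Workaround: "Disabling the WebClient service".
    # The service may not be installed at all (common on servers).
    $svc = Get-Service -Name 'WebClient' -ErrorAction SilentlyContinue
    if ($null -eq $svc) {
        $webClient = 'NotInstalled'
    } elseif ($svc.StartType -eq 'Disabled' -and $svc.Status -eq 'Stopped') {
        $webClient = 'Disabled'
    } else {
        # Manual/Automatic start or currently running: workaround not applied.
        $webClient = "Active (StartType=$($svc.StartType), Status=$($svc.Status))"
    }

    # Workaround: "Renaming ATMFD.DLL".
    # A missing file means it was renamed or this Windows build does not ship it.
    $dirs  = @("$env:windir\System32", "$env:windir\SysWOW64") |
             Where-Object { Test-Path -LiteralPath $_ }
    $found = @(foreach ($d in $dirs) {
        $p = Join-Path $d 'ATMFD.DLL'
        if (Test-Path -LiteralPath $p -PathType Leaf) { $p }
    })

    [pscustomobject]@{
        ComputerName     = $env:COMPUTERNAME
        WebClientService = $webClient
        AtmfdDllPresent  = ($found.Count -gt 0)
        AtmfdDllPaths    = $found
    }
}

Get-FontWorkaroundStatus | Format-List
```

The function only reads state, so it can be run without elevation and collected across hosts before and after a workaround is rolled out.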



 
This discussion has been archived. No new comments can be posted.
  • (Score: 5, Informative) by Gaaark on Wednesday March 25 2020, @03:26AM (8 children)

    by Gaaark (41) on Wednesday March 25 2020, @03:26AM (#975317) Journal

    Zero day, every day, ad nauseam to the point of ad nauseam.

    Why do people STILL use Windows? Seriously?

    --
    --- Please remind me if I haven't been civil to you: I'm channeling MDC. ---Gaaark 2.0 ---
  • (Score: 0) by Anonymous Coward on Wednesday March 25 2020, @04:57AM (1 child)

    by Anonymous Coward on Wednesday March 25 2020, @04:57AM (#975339)

    To fulfill the high R-0 prophecy.

    • (Score: 2) by DannyB on Wednesday March 25 2020, @03:51PM

      by DannyB (5839) Subscriber Badge on Wednesday March 25 2020, @03:51PM (#975499) Journal

      I am unfamiliar with this R-0 prophecy.

      --
      This Christmas season is the most likely to see Missile Tow instead of large artillery pieces being toed.
  • (Score: 2, Offtopic) by fliptop on Wednesday March 25 2020, @11:32AM (3 children)

    by fliptop (1666) on Wednesday March 25 2020, @11:32AM (#975404) Journal

    > Why do people STILL use Windows?

    QuickBooks, AutoCad, various Point-of-Sale applications, Office (especially Publisher and Outlook), WordPerfect, and gaming. Just the first few that come to mind.

    I recently set up a client w/ several new workstations and put LibreOffice on each one. They complained, b/c when they did a search on a spreadsheet it didn't search all the sheets, just the page/tab they were currently on. I showed them the checkbox that says, "search all sheets" but they couldn't be bothered to do all that. So they subscribed to Office360. Most users are so clueless, if they won't even consider using LibreOffice on Windows, how can any of us in IT ever convince them to use something other than Windows?

    --
    It's crackers to slip a rozzer the dropsy in snide.
    • (Score: 2) by epitaxial on Wednesday March 25 2020, @01:05PM

      by epitaxial (3165) on Wednesday March 25 2020, @01:05PM (#975433)

      Engineering work. They don't make Linux builds for software and Wine only runs the most basic or ancient Windows programs.

    • (Score: 0) by Anonymous Coward on Wednesday March 25 2020, @01:29PM

      by Anonymous Coward on Wednesday March 25 2020, @01:29PM (#975447)

      > checkbox that says, "search all sheets"

      Anyone know if there is a setting to turn this on by default? Any Libre Office gurus here?

    • (Score: 2) by DannyB on Wednesday March 25 2020, @03:54PM

      by DannyB (5839) Subscriber Badge on Wednesday March 25 2020, @03:54PM (#975501) Journal

      > checkbox that says, "search all sheets"

      Shine a powerful blacklight on the sheets from a safe distance.

      --
      This Christmas season is the most likely to see Missile Tow instead of large artillery pieces being toed.
  • (Score: 2) by inertnet on Wednesday March 25 2020, @02:50PM

    by inertnet (4071) on Wednesday March 25 2020, @02:50PM (#975475)

    Windows is patient zero.

  • (Score: 2) by DannyB on Wednesday March 25 2020, @03:55PM

    by DannyB (5839) Subscriber Badge on Wednesday March 25 2020, @03:55PM (#975503) Journal

    > Why do people STILL use Windows? Seriously?

    How many people can say: because that's what my employer uses.

    Okay. As long as the IT department is responsible for maintaining it.

    --
    This Christmas season is the most likely to see Missile Tow instead of large artillery pieces being toed.