TheWindowsClub News

TheWindowsClub Tech News covers the latest Microsoft Windows 10 news, along with other products & services like Office, etc.

Microsoft warns users of two critical, unpatched zero-day vulnerabilities in Adobe Type Manager Library

The safety of billions of Windows OS users could be at risk. Of late, Microsoft is warning users of all supported versions of the Windows operating system. Microsoft recently issued a security advisory warning users of a critical security threat produced by two new unpatched zero-day vulnerabilities present in the Windows operating system.

Windows 10 One Billion Monthly Active Users

Vulnerabilities in Adobe Type Manager Library

Both vulnerabilities exist within the way that Windows parses OpenType fonts using the Adobe Type Manager Library. Microsoft has already acknowledged the security threat they pose to Windows users. Microsoft is currently working on a fix.

In its security advisory, Microsoft wrote:

“Two remote code execution vulnerabilities exist in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font – Adobe Type 1 PostScript format.”

According to Microsoft, both the vulnerabilities in the Adobe Type Manager Library are critical and can be exploited in limited, targeted attacks.

These vulnerabilities affect users of all supported versions of the Windows operating system. For example, Windows 10, Windows 8.1 / RT 8.1, Windows Server 2008 / 2012 / 2012 RT / 2016 / 2019 remain vulnerable. They also affect users of Windows 7.

Microsoft officially ended the support for the Windows 7 operating system last month. However, most of the antivirus software solutions will continue to support Windows 7 for at least two years.

Microsoft warns there are multiple ways attackers could exploit the vulnerability to remotely gain control over targeted computers. Attackers could employ techniques such as convincing users to open a specially crafted document or viewing it in the Windows Preview pane.

Meanwhile, Microsoft has provided Windows users with a workaround to take the edge off the risk. Microsoft has recommended users to disable the Preview pane and Details pane in Windows Explorer:

  • Open Windows Explorer > Click Organize > Click Layout.
  • Cleared Details pane and Preview pane menu options.
  • Navigate to Organize > Folder > search options.
  • Under Advanced settings, check the Always show icons, never thumbnails box.
  • Close Windows Explorer for the change to take effect.

Additionally, Microsoft has also advised users to disable the WebClient service and rename the Adobe Type Manager Font Driver DLL file (ATMFD.dll).

Updated on Tags:

AnandKhanse@TWC

Anand Khanse is the Admin of TheWindowsClub.com, a 10-year Microsoft MVP Awardee in Windows (2006-16) & a Windows Insider MVP (2016-2022). He enjoys following and reporting Microsoft news and developments in the world of Personal Computing.

Share via
Facebook
X (Twitter)
LinkedIn
Mix
Pinterest
Tumblr
Skype
Buffer
Pocket
VKontakte
Parler
Xing
Reddit
Line
Flipboard
MySpace
Delicious
Amazon
Digg
Evernote
Blogger
LiveJournal
Baidu
MeWe
NewsVine
Yummly
Yahoo
WhatsApp
Viber
SMS
Telegram
Facebook Messenger
Like
Email
Print
Copy Link
Powered by Social Snap
Copy link
CopyCopied
Powered by Social Snap