Security vulnerability in Windows leads to hacking attacks
Microsoft has released a statement that warns that attackers are exploiting a previously undisclosed security vulnerability that is found in all supported versions of Windows, including Windows 10.
There is currently no patch for the vulnerability.
The critical security flaw is found in how Windows handles and renders fonts.
‘Critical’ means that this security flaw ranks at the highest severity warning that Windows has.
This bug can be exploited once an attacker tricks a victim into opening a malicious document. Once the document has been opened, or viewed in Windows Preview, the attacker can remotely run the malware on the vulnerable device.
Microsoft’s advisory states that they are aware of hackers launching “limited, targeted attacks.” There is no report at this time as to whom the attacks are targeting or at what scale.
A patch is in the works, but Microsoft issued the advisory in order to warn users of the potential attack until that patch is released.
While Windows 7 is also affected, only enterprise users with extended security support will be receiving patches.
The next Patch Tuesday is slated for an April 14, 2020 release. If all goes as planned, the vulnerability fix should be included in the release.
As always, if we can be of help with your network or computer, give us a call here at RHYNO Networks. (855) 749-6648
