On March 23, Microsoft announced that it had discovered two critical vulnerabilities in Windows. The announcement was made outside the company’s regular communications schedule, highlighting how critical these vulnerabilities are. These are remote code execution vulnerabilities, and Adobe Type Manager Library. Microsoft says it is aware of a limited number of targeted attacks that are attempting to exploit these vulnerabilities.
The vulnerabilities
The vulnerabilities affect Windows Adobe Type Manager Library when it improperly handles a specially crafted Multiple Master font (called Adobe Type Manager PostScript format). To exploit this vulnerability, the attacker must trick the victim into opening a malicious document. The vulnerability can also pose a threat if the document is opened in the Windows Preview Pane.
If successful, the attack can corrupt the victim’s system memory, and can even compromise the entire vulnerable system. This vulnerability affects the following systems: Windows 7, 8.1, RT 8.1, 10, Windows Server 2008, 2008 R2, 2012, 2012 R2, 2016, 2019.
Microsoft has explained that for systems running Windows 10 there is less risk, since mitigations were included in the first version of the operating system in 2015. What’s more, none of the attacks that have been seen exploiting these vulnerabilities have targeted Windows 10; the possibility of remote execution is negligible; and there is no possibility of elevation of privileges.
There is currently no patch for this vulnerability. However, Microsoft is working to fix this vulnerability. The company explained that updates to fix security vulnerabilities are usually launched on their Patch Tuesdays, to allow for partner quality assurance.
Windows security issues
Microsoft has been very active this year; it started 2020 launching an urgent patch for a critical vulnerability in Windows 10 and in Windows Server 2016 and 2019, among others. This vulnerability allowed legitimate software to be spoofed, facilitating the execution of malicious software on the affected endpoint to deploy remote code execution attacks
Also at the beginning of the year, Microsoft ended support for Windows 7 and Windows Server 2008. Systems running these versions stopped receiving patches and updates for vulnerabilities, leaving many computers exposed to cyber-risks; at the end of 2019, Windows 7 had a market share of 32.7%, a high number of computers.
How to protect your systems against vulnerabilities
The only way to protect against vulnerabilities is by apply the relevant patches. Vulnerabilities are responsible for a long list of security problems in organizations. However, many companies struggle when it comes to applying these patches. The reason for this is usually a lack of resources, tools, and time in a company. Another problem often encountered is that the organization has difficulty prioritizing which patches should be applied first.
To remedy this situation, Panda Security has a solution specifically designed to identify, manage, and install patches. Panda Patch Management automatically searches for the necessary patches. It prioritizes the most urgent updates and plans their installation. Pending patches are reported even in exploit and malware detections. This way, your company’s computers will always be protected.
Microsoft is currently working to develop a patch for these new vulnerabilities. With Panda Patch Management, when it is published, your systems will receive the patch, thus ensuring that the computers on your network will be protected.
The post Microsoft discovers two new remote code execution vulnerabilities appeared first on Panda Security Mediacenter.
Article Link: https://www.pandasecurity.com/mediacenter/news/windows-vulnerability-adobe-rce/