-
Microsoft Said to Be Confident That Surface Pro 10, Surface Laptop 6 Can Beat M3 MacBook Air in Performance9 April 2024 -
HP Omen Transcend 14 Review: Transcends What a Slim Laptop Can Do3 April 2024
-
Microsoft Wants OEMs Making AI PCs to Include a Dedicated Copilot Key in the Keyboard: Report27 March 2024
-
Microsoft Surface Pro 10, Surface Laptop 6, With Intel Core Ultra CPU Launched for Businesses: Price, Features22 March 2024
-
Introducing Revolutionary Laptops from Samsung - Galaxy Book4 Series: Redefining Excellence21 March 2024
- Home
- Laptops
- Laptops News
- Microsoft Issues an Emergency Update to Patch a Vulnerability That Affects All Versions of Windows
Microsoft Issues an Emergency Update to Patch a Vulnerability That Affects All Versions of Windows
By Manish Singh | Updated: 21 July 2015 10:44 IST
Advertisement
Microsoft has released an off-schedule update to patch a critical bug affecting all versions of Windows. The bug, if exploited, allows hackers to remotely execute malicious code on Windows computers.
A vulnerability was found in the way Windows Adobe Type Manager Library handles fonts that use Microsoft's OpenType format. If exploited, it could give attackers full control over the system.
A remote execution initiates when one tries to open a specially crafted document, or visits a booby-trapped website that contains embedded OpenType fonts. This is followed by installation of programs, and manipulation of data on victim's system. Furthermore, the attacker could create new accounts on the victim's computer and provide them with full user rights.
The vulnerability affects Windows Vista, Windows 7, Windows 8, Windows 8.1, Windows RT, Windows RT 8.1, Windows Server 2008, Windows Server 2012. Even Windows 10 preview builds are affected by this vulnerability. If you're wondering,Windows XP and Windows Server 2003 are almost certainly affected too, but they aren't eligible to snag further updates from Microsoft.
If your computer is set to receive updates automatically, you don't have to worry about anything. If you aren't sure, you can manually download the relevant patch for your operating system from the company's website.
Microsoft delivers security patches every second Tuesday of the month (hence the name Patch Tuesday). This is only the second time this year since January, when it pushed out an "out-of-band" update.
Earlier this month, Microsoft issued a patch in which it squashed two vulnerabilities that became public in the aftermath of a mega security breach of the Hacking Team, an Italian hacker group.
Microsoft says that there is no evidence that today's vulnerability has been exploited in the wild. It thanked security firm FireEye and over enthusiast hamsters at Google's Project Zero.
A vulnerability was found in the way Windows Adobe Type Manager Library handles fonts that use Microsoft's OpenType format. If exploited, it could give attackers full control over the system.
A remote execution initiates when one tries to open a specially crafted document, or visits a booby-trapped website that contains embedded OpenType fonts. This is followed by installation of programs, and manipulation of data on victim's system. Furthermore, the attacker could create new accounts on the victim's computer and provide them with full user rights.
The vulnerability affects Windows Vista, Windows 7, Windows 8, Windows 8.1, Windows RT, Windows RT 8.1, Windows Server 2008, Windows Server 2012. Even Windows 10 preview builds are affected by this vulnerability. If you're wondering,Windows XP and Windows Server 2003 are almost certainly affected too, but they aren't eligible to snag further updates from Microsoft.
If your computer is set to receive updates automatically, you don't have to worry about anything. If you aren't sure, you can manually download the relevant patch for your operating system from the company's website.
Microsoft delivers security patches every second Tuesday of the month (hence the name Patch Tuesday). This is only the second time this year since January, when it pushed out an "out-of-band" update.
Earlier this month, Microsoft issued a patch in which it squashed two vulnerabilities that became public in the aftermath of a mega security breach of the Hacking Team, an Italian hacker group.
Microsoft says that there is no evidence that today's vulnerability has been exploited in the wild. It thanked security firm FireEye and over enthusiast hamsters at Google's Project Zero.
Comments
For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.
Further reading:
Laptops, Microsoft, PC, Windows, Windows 7, Windows 8, Windows 8.1, Windows RT, Windows RT 8.1, Windows Vista, Windows bug
Related Stories
Microsoft Issues an Emergency Update to Patch a Vulnerability That Affects All Versions of Windows
Advertisement
Follow Us
-
03:19
Gadgets 360 With Technical Guruji: Something About the Nothing Ear, Ear (a) -
19:21
Gadgets 360 With Technical Guruji: Samsung's New AI Smart TVs, Nothing Ear -
05:23
Gadgets 360 With Technical Guruji: Samsung's New AI Smart TVs -
01:17
Gadgets 360 With Technical Guruji: Tech Tip [April 20, 2024] -
02:05
Gadgets 360 With Technical Guruji: Ask TG [April 20, 2024]
Advertisement
Popular on Gadgets
- AI
- iPhone 16 Leaks
- Apple Vision Pro
- Oneplus 12
- iPhone 14
- Apple iPhone 15
- OnePlus Nord CE 3 Lite 5G
- iPhone 13
- Xiaomi 14 Pro
- Oppo Find N3
- Tecno Spark Go (2023)
- Realme V30
- Best Phones Under 25000
- Samsung Galaxy S24 Series
- Cryptocurrency
- iQoo 12
- Samsung Galaxy S24 Ultra
- Giottus
- Samsung Galaxy Z Flip 5
- Apple 'Scary Fast'
- Housefull 5
- GoPro Hero 12 Black Review
- Invincible Season 2
- JioGlass
- HD Ready TV
- Laptop Under 50000
- Smartwatch Under 10000
- Latest Mobile Phones
- Compare Phones
Latest Gadgets
- HMD Pulse
- HMD Pulse+
- HMD Pulse Pro
- Realme Narzo 70x 5G
- Realme Narzo 70 5G
- Samsung Galaxy C55
- Blackview Hero 10
- Oppo K12
- Lenovo IdeaPad Pro 5i
- Asus ZenBook Duo 2024 (UX8406)
- Realme Pad 2 Wi-Fi
- Redmi Pad Pro
- boAt Storm Call 3
- Lava ProWatch Zn
- Samsung Samsung Neo QLED 8K Smart TV QN800D
- Samsung Neo QLED 4K Smart TV (QN90D)
- Sony PlayStation 5 Slim Digital Edition
- Sony PlayStation 5 Slim
- Lloyd 1.5 Ton 3 Star Inverter Split AC (GLS18I3FOSEW)
- Haier 1.5 Ton 3 Star Triple Inverter Split AC (HSU18K-PYSS3BN-INV)
- About Us
- Sitemaps
- Feedback
- Archives
- Contact Us
- RSS
- Advertise
- Career
- Privacy Policy
- Ethics
- Editorial Policy
- Terms & Conditions
- Complaint Redressal
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2024. All rights reserved.
