Microsoft has released an off-schedule update to patch a critical bug affecting all versions of Windows. The bug, if exploited, allows hackers to remotely execute malicious code on Windows computers.
A vulnerability was found in the way the Windows Adobe Type Manager Library handles fonts that use Microsoft's OpenType format. If exploited, it could give attackers full control over the system.
Remote code execution is triggered when a user opens a specially crafted document or visits a booby-trapped website that contains embedded OpenType fonts. The attacker can then install programs and manipulate data on the victim's system. Furthermore, the attacker could create new accounts on the victim's computer and provide them with full user rights.
The vulnerability affects Windows Vista, Windows 7, Windows 8, Windows 8.1, Windows RT, Windows RT 8.1, Windows Server 2008, and Windows Server 2012. Even Windows 10 preview builds are affected by this vulnerability. If you're wondering, Windows XP and Windows Server 2003 are almost certainly affected too, but they aren't eligible to snag further updates from Microsoft.
If your computer is set to receive updates automatically, you don't have to worry about anything. If you aren't sure, you can manually download the relevant patch for your operating system from the company's website.
Microsoft delivers security patches on the second Tuesday of every month (hence the name Patch Tuesday). This is only the second time this year, since January, that it has pushed out an "out-of-band" update.
Earlier this month, Microsoft issued a patch in which it squashed two vulnerabilities that became public in the aftermath of a mega security breach of the Hacking Team, an Italian hacker group.
Microsoft says that there is no evidence that today's vulnerability has been exploited in the wild. It thanked security firm FireEye and the over-enthusiastic hamsters at Google's Project Zero.