It's 2020 and hackers are still hijacking Windows PCs by exploiting font parser security holes. No patch, either

It's 2020 and hackers are still hijacking Windows PCs by exploiting font parser security holes. No patch, either

Spreading in the wild, no vaccine, people told to distance themselves from dodgy sources... sounds familiar


Hackers are commandeering victims' Windows PCs by exploiting at least one remote-code-execution flaw in the Adobe Type Manager Library included with the Microsoft operating system. No patches are available right now.


Redmond today warned of two flaws, not yet assigned CVE numbers, present in the font parser – and at least one has been exploited in a "limited number of attacks" to hijack vulnerable computers. The only way to prevent trivial automatic exploitation is to disable the preview and details panes in Windows Explorer, though that will not kill off the bugs entirely unless you disable the library.


That "limited number" of victims may well change in the near future as ..

Support the originator by clicking the read the rest link below.