Microsoft exposed to a new Windows vulnerability: Attacking Windows supporting devices including Windows 10

The software technology giant Microsoft has revealed a new Windows vulnerability to be found in all the devices supported by previous Windows OS as well as Windows 10. According to a new security advisory released by the company, the attackers are exploiting a previously undisclosed security vulnerability. However, the company has also disclosed that at the current moment no patch is available for the vulnerability.

According to the company, the front parsing remote code execution vulnerability is present in the Adobe Type Manager Library allowing apps to manage and render fonts available from Adobe Systems. The attacker could exploit the vulnerability by tricking and convincing the user to open a specially crafted document or viewing it in the Windows Preview pane. This allows it to run malware on the Windows device.

However, the company is working on a fix and it promised to release a security patch for the vulnerability by next month. Updates that address security vulnerabilities in Microsoft software are typically released on Update Tuesday, the second Tuesday of each month. This predictable schedule allows for partner quality assurance and IT planning, which helps maintain the Windows ecosystem as a reliable, secure choice for our customers. The company has also listed some OS versions that are exposed to this bug. By the time you can follow a few workarounds explained by the company that will reduce the risk.

Disable the Preview Pane as well as details pane in Windows Explorer. This will prevent the automatic display of OTF fonts in Windows Explorer and also prevents malicious files from being viewed in Windows Explorer. However, this will not prevent a local, authenticated user from running a specially crafted program to exploit this vulnerability. 

Follow the steps to disable these panes in Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, and Windows 8.1

• Open Windows Explorer, click Organize and then click Layout.
• Clear both the Details pane and Preview pane menu options.
• Click Organize, and then click Folder and search options.
• Click the View tab.
• Under Advanced settings, check the Always show icons, never thumbnails box.
• Close all open instances of Windows Explorer for the change to take effect.

Perform the following steps for  Windows Server 2016, Windows 10, and Windows Server 2019:

• Open Windows Explorer, click the View tab.
• Clear both the Details pane and Preview pane menu options.
• Click Options, and then click the Change folder and search options.
• Click the View tab.
• Under Advanced settings, check the Always show icons, never thumbnails box.
• Close all open instances of Windows Explorer for the change to take effect.

For the latest gadget and tech news, and gadget reviews, follow us on Twitter, Facebook and Instagram. For newest tech & gadget videos subscribe to our YouTube Channel. You can also stay up to date using the Gadget Bridge Android App.