Microsoft Warns of Hackers Abusing Windows Adobe Library Zero-Days March 23, 2020 https://www.bleepingcomputer.com/ne...kers-abusing-windows-adobe-library-zero-days/ Microsoft security advisory
This vulnerability also affects Windows XP, Vista, Windows 7. In Windows XP, the Webclient service must be disabled. I have disabled this service for a long time, without any problems. P.S. I have now added third party remote fonts blocking to uBlock Origin. It would be interesting to discuss whether this option is effective or not.
Microsoft Windows Type 1 font parsing remote code execution vulnerabilities Vulnerability Note VU#354840 March 23, 2020 https://kb.cert.org/vuls/id/354840/
Critical font parsing issue in Windows revealed (fix inside) https://www.ghacks.net/2020/03/24/critical-font-parsing-issue-in-windows-revealed-fix-inside/
If any users is interested, some tips on the vulnerability: https://msfn.org/board/topic/181352-microsoft-warns-of-hackers-abusing-windows-adobe-library-zero-days/
Interesting what you read in the blog of 0patch,the first and second of the mitigations recommended by Microsoft have the cons of: https://blog.0patch.com/2020/03/micropatching-unknown-0days-in-windows.html I tried to do a test, consider that I am in the Standard Account (Windows 10 1909). I insert an image below: as you can see I opened the prompt window not with Administrator rights. I entered the command line: fontview agencyr.ttf this allows you to open the Font Viewer with that specific font. Note that in Process Explorer, Font Viewer, has an IL to the medium value. You can replicate the test by imagining that Font Viewer opens an Adobe Type 1 PostScript font.
How to Mitigate the Windows Font Parsing Zero-Day Bug via GPO April 1, 2020 https://www.bleepingcomputer.com/ne...he-windows-font-parsing-zero-day-bug-via-gpo/