Microsoft Warns of Hackers Abusing Windows Adobe Library Zero-Days

Discussion in 'other security issues & news' started by mood, Mar 23, 2020.

  1. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    27,888
    Microsoft Warns of Hackers Abusing Windows Adobe Library Zero-Days
    March 23, 2020
    https://www.bleepingcomputer.com/ne...kers-abusing-windows-adobe-library-zero-days/
    Microsoft security advisory
     
  2. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    1,623
    Location:
    Italy
    This vulnerability also affects Windows XP, Vista, Windows 7.
    In Windows XP, the Webclient service must be disabled.
    I have disabled this service for a long time, without any problems.

    P.S.
    I have now added third party remote fonts blocking to uBlock Origin.
    It would be interesting to discuss whether this option is effective or not.;):)
     
    Last edited: Mar 23, 2020
  3. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    27,888
    Microsoft Windows Type 1 font parsing remote code execution vulnerabilities
    Vulnerability Note VU#354840
    March 23, 2020

    https://kb.cert.org/vuls/id/354840/
     
  4. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    6,220
  5. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    1,623
    Location:
    Italy
    If any users is interested, some tips on the vulnerability:

    https://msfn.org/board/topic/181352-microsoft-warns-of-hackers-abusing-windows-adobe-library-zero-days/
     
  6. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    1,623
    Location:
    Italy
    Interesting what you read in the blog of 0patch,the first and second of the mitigations recommended by Microsoft have the cons of:

    https://blog.0patch.com/2020/03/micropatching-unknown-0days-in-windows.html

    I tried to do a test, consider that I am in the Standard Account (Windows 10 1909).
    I insert an image below:


    100.jpg


    as you can see I opened the prompt window not with Administrator rights.
    I entered the command line:

    fontview agencyr.ttf

    this allows you to open the Font Viewer with that specific font.

    Note that in Process Explorer, Font Viewer, has an IL to the medium value.

    You can replicate the test by imagining that Font Viewer opens an Adobe Type 1 PostScript font.
    ;)
     
    Last edited: Mar 31, 2020
  7. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    27,888
    How to Mitigate the Windows Font Parsing Zero-Day Bug via GPO
    April 1, 2020
    https://www.bleepingcomputer.com/ne...he-windows-font-parsing-zero-day-bug-via-gpo/
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.