The Company on its MSRC Website said that hackers could use the Adobe Type Manager Library to trick their targets into opening a malicious file. However, the good thing is that vulnerability is a limited targeted attack. That means it would affect only a certain number of users. On the bad note, Microsoft will take one more month to release the security patch. So, until then, it’s best to take a few steps to protect yourself from this Windows Zero-Day vulnerability.
ADV200006 | Type 1 Font Parsing Remote Code Execution Vulnerability
Let me explain the new Windows Zero-Day Vulnerability – ADV200006. The attack relies entirely on the font parsing technique that uses the two existing vulnerabilities of Adobe Type Manager Library. If you have ever downloaded a font file from the internet, then you will know that it shows a font preview or thumbnail in the preview pane before installation. This is where the remote code execution takes place. Microsoft explained “Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font – Adobe Type 1 PostScript format” “There are multiple ways an attacker could exploit the vulnerability, such as convincing a user to open a specially crafted document or viewing it in the Windows Preview pane.” What makes the matter worse is that hackers can execute the attack even without opening the File. It’s because the attackers are using Windows Preview and thumbnail to exploit the vulnerability. So, even if you have downloaded a font file, but choose not to install it, the attackers can still carry out their task.
How To Fix Windows Zero-Day Vulnerability?
Below, we are going to share the best method to deal with the latest threat. Follow some of the simple steps given below to fix Zero-Day vulnerability on Windows 10. Step 1. First of all, open File Explorer and click on the ‘View’ button. Step 2. Click on both ‘Preview Pane’ and ‘Details Pane’. You need to disable these two options. So, make sure both the panes were not highlighted. Step 3. Next click on the ‘Options’ Step 4. On the Folder option, tap on ‘View’ Step 5. There you need to enable the ‘Always Show icons, never thumbnails’ checkbox. Step 6. Now open the RUN dialog box and enter ‘services.msc’ Step 7. From the list of services, select ‘WebClient’ Step 8. Double click on it and on the Startup Type, select ‘Disabled’ That’s it! you are done! This is how you can fix Windows Zero-day vulnerability. So, this article is all about how to fix Windows Zero-Day vulnerability on Windows 10. I hope this article helped you! Share it with your friends also.
Δ