New Microsoft Windows Vulnerability What To Do While Waiting For Fix

New Microsoft Windows Vulnerability: What To Do While Waiting For Fix

Contents

Microsoft recently confirmed a new zero-day vulnerability. Here’s what you need to know and some of the workarounds while waiting on a fix.

You Are Reading :[thien_display_title]

New Microsoft Windows Vulnerability What To Do While Waiting For Fix

Microsoft has informed users that it is currently aware of a zero-day vulnerability in Windows that could be a real threat to systems. This is not the first time Windows has faced a serious flaw in recent weeks, adding to the worries for users.

Windows 10 has been undergoing a long term updating project with the latest being a major design revamp. During this time, the OS has had to deal with several bugs and performance issues. Just a few weeks back, Windows users reported numerous performance issues including blue screens and hanging after the release of the Windows 10’s cumulative update. That Windows 10 KB4535996 update itself was released to fix a cloud-computing bug that was affecting the offline file sharing activity in PCs. Consequently, these issues have been making users of older versions like Windows 7 or 8 reluctant to transition to the latest one. This is especially difficult for Windows 7 users since Microsoft ended support for that version in January. While Microsoft has been accused of a lack of transparency in the cloud-computing bug incident, this time around the company is being vocal.

In a detailed security advisory, Microsoft explains what the vulnerabilities are and the various workarounds users can employ to deal with them while the company prepares a patchwork update. There are two remote access code vulnerabilities in Windows related to Adobe Type Manager (ATM) Library, a DLL file that many apps use to render Adobe fonts. Both are the results of improper handling of a multi-master font named Adobe Type 1 PostScript format. Microsoft says there are various ways in which attackers could exploit this, and it could involve persuading users to open and view specific documents in Windows Preview Pane. The announcement also lists Windows versions vulnerable to this issue and how serious it is for each of them.

See also  Injustice Gods Among Us The 10 Best Moments That Rocked Our World

Latest Windows Vulnerability Workarounds

Since one way attack can happen is through the opening of files in Preview pane, users can disable it (as well as Details panes in Windows Explorer) although this comes at the price of the automatic display of OTF fonts. It’s not a perfect fix as attackers can still exploit the vulnerability through specific programs. Alternatively, users can also disable WebClient Services to protect affected systems from likely attacks. Remote attackers can still exploit the vulnerability, but will have to prompt the user to run random internet programs. The side effect is that, apart from Web Distributed Authoring And Versioning requests not getting transmitted, services that specifically depend on WebClient service won’t start. The last two workarounds involve renaming the ATMFD.DLL file, and disabling the same file using Registry Editor. Both of which are tricky to pull off if the user is not used to the Command Prompt or the Editor. All the four temporary fixes are explained in detail, including how to execute them, in the security advisory.

Although Microsoft is yet to create a fix, the company has asked users to wait for the next update which is due to arrive on the second Tuesday of the month. Regardless of whether Microsoft fixes this quickly or not, security issues and bugs have been piling up for Windows and its applications recently, including Edge browser.

Link Source : https://screenrant.com/microsoft-windows-vulnerability-explained-fixes/

Movies -