According to a Microsoft security alert, cyber criminals and hackers are exploiting a zero-day vulnerability in the Windows 7 OS to take over systems.
Zero Day Vulnerability (ADV200006):
The Microsoft Windows Adobe Type Manager Library is affected by two remote code execution vulnerabilities because it improperly handles a specially crafted multi-master font (Adobe Type 1 PostScript format). Successful exploitation would require a remote attacker to convince a user to open a specially crafted document, leading to memory corruption and arbitrary code execution on the system. This may result in complete compromise of the vulnerable system.
Windows Impacted Systems:
All supported Windows and Windows Server operating systems are affected.
Windows 7, 8.1, RT 8.1, 10, Windows Server 2008, 2008 R2, 2012, 2012 R2, 2016, 2019
Microsoft says there are two remote code execution (RCE) vulnerabilities in this built-in library that allow attackers to run code on a user's system and take actions on their behalf.
"There are multiple ways an attacker could exploit the vulnerability, such as convincing a user to open a specially crafted document or viewing it in the Windows Preview pane," the company said.
The company described the current attacks exploiting the zero-day as "limited" and "targeted." The attacks were primarily aimed at Windows 7 systems; however, other Windows versions are also impacted.
According to Microsoft, all currently supported versions of the Windows and Windows Server operating systems are vulnerable. However, the zero-day vulnerability is less effective on Windows 10 machines, where the atmfd.dll file is either not present or runs inside an AppContainer sandbox with limited permissions and capabilities.
Microsoft security updates are currently not available for this defect. Microsoft intimated that they might arrive during next month's Patch Tuesday, most likely scheduled for April 14.
In the meantime, Microsoft has published a series of mitigations that companies and home users can take if they believe they might be targeted with a Windows zero-day attack. Microsoft said the mitigations are not needed for Windows 10 systems, where the zero-day has a reduced impact.
Zero-day vulnerability mitigation steps include taking actions like: