A serious vulnerability in all versions of Windows
Microsoft released a security update yesterday that addresses a critical vulnerability in Windows. Using it by an attacker could allow you to remotely take control of the system being attacked and ultimately execute malicious commands.
The critical vulnerability CVE-2015-2426 in the Adobe Type Manager library and marked in MS15-078 can allow an attacker to gain full control of the system, install programs, change and delete data, and create new accounts with full privileges if a user opens a specially crafted document or a website that has embedded OpenType fonts.
Windows Vista, Windows Server 2008, Windows Server 2008 R2, Windows 7, Windows 8 and Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT and Windows RT 8.1 are vulnerable to attack.
The update is now available for download in Windows Update.
The editorial office of the Trusted Third Party (Z3S.pl) also mentions that a Pole, Mateusz Jurczyk, who signs himself as "j00ru" is responsible for finding the gap. Mateusz has been dealing with security and malware analysis for many years. Actively participates in bug bounty contests, and since 2011 works for Google as the Information Security Engineer.
Learn more about our offer
We use Google Cloud Translation and Gengo API’s to translate articles with exception of our comparative tests.