Go update now! Microsoft issues critical fix for OpenType vulnerability

washington post hacked chinese origin suspected hacker
Microsoft has four different levels for classifying vulnerabilities in an operating system. Most of them aren’t of huge concern, and the fixes are bundled into a weekly update. Sometimes, though, Microsoft has to sound the air raid sirens with a critical severity security flaw, in this case one that affects every version of Windows, and could mean losing complete control of your system.

The exploit, which is fondly referred to as MS15-078, takes advantage of the method in which the system handles third-party fonts. The attacker uses a file or website with a special font embedded in it, and when the system attempts to draw the file, it causes a back door in the code that gives the attacker unfettered access to the system.

Once inside, they can install malicious software, view and change data, and even create an administrative user account without you knowing they’re there at all.

As far as Microsoft can tell, or is willing to admit, no users have been attacked using this method yet, but it was out there in the wild. News of the flaw comes courtesy of the Italian software company Hacking Team, whose software and clients were recently hacked by another group and shared on Twitter. The details of the flaw were uncovered in the shared files by members of a number of different infosec groups, including FireEye and Google’s Project Zero.

The hack affects Windows 7, 8, 8.1, RT, RT 8.1, and Servers 2008 through 2012 R2. The home versions of Windows have already been issued automatic updates, while server users will have to download and patch the issue themselves.

You can also find more detailed information, along with command-line workarounds if you want to seal the leak by hand. The latest Insider Preview for Windows 10 is said to be affected as well, but no patch has been issued, so if that’s you, be careful where you click.

Computing

Own an Asus computer? Malware might be hiding in your system

If you own an Asus computer, your system might have been infected by malware distributed from the tool you typically use to update the BIOS and install other security patches, according to a new report by cybersecurity firm Kaspersky Lab.
Gaming

These are the must-have games that every Xbox One owner needs

More than four years into its life span, Microsoft's latest console is finally coming into its own. From Cuphead to Halo 5, the best Xbox One games offer something for players of every type.
Computing

Worried about your online privacy? We tested the best VPN services

Browsing the web can be less secure than most users would hope. If that concerns you, a virtual private network — aka a VPN — is a decent solution. Check out a few of the best VPN services on the market.
Computing

Problems with installing or updating Windows 10? Here's how to fix them

Upgrading to the newest version of Windows 10 is usually a breeze, but sometimes you run into issues. Never fear though. Our guide will help you isolate the issue at hand and solve it in a timely manner.
Computing

You don't have to spend a fortune on a PC. These are the best laptops under $300

Buying a laptop needn't mean spending a fortune. If you're just looking to browse the internet, answer emails, and watch Netflix, you can pick up a great laptop at a great price. These are the best laptops under $300.
Computing

Dodge the biggest laptop-buying mistakes with these handy tips

Buying a new laptop is exciting, but you need to watch your footing. There are a number of pitfalls you need to avoid and we're here to help. Check out these top-10 laptop buying mistakes and how to avoid them.
Computing

Amazon sale knocks $200 off the price of 13-inch MacBook Pro with Touch Bar

If you always wanted to buy a MacBook Pro but found it a bit too expensive, now is your chance to save. A base version of the 13-inch MacBook Pro with Touch Bar is currently on sale at Amazon for $1,600.
Computing

Keep your laptop battery in tip-top condition with these handy tips

Learn how to care for your laptop's battery, how it works, and what you can do to make sure yours last for years and retains its charge. Check out our handy guide for valuable tips, no matter what type of laptop you have.
Computing

Is it worth spending more for the Surface Pro, or is the Surface Go good enough?

The Surface Go vs. Surface Pro — which is better? While the higher price tag of one might make you think it's an easy choice, a deeper dive into what each offers makes it a closer race than you might assume.
Computing

Apple’s 4K 21.5-inch iMac is now $200 off if you pre-order it

Apple's new iMacs are now available and if you pre-order one from B&H you can get the midrange version for $200. That's a near 20-percent saving on one of the most competitive configurations.
Emerging Tech

Microsoft’s latest breakthrough could make DNA-based data centers possible

Could tomorrow's data centers possibly store information in the form of synthetic DNA? Researchers from Microsoft have successfully encoded the word "hello" into DNA and then back again.
Computing

The new Windows 10 File Explorer could look like this in 2020

Microsoft may update Windows 10's File Explorer to adopt Fluent Design principles in an upcoming 2020 update. A report suggests that we'll get our first glimpse at the new-look explorer in upcoming Windows Insider builds.
Computing

Hands-on with Microsoft Chromium Edge: A first look at the early release

We installed a preview of Edge Chromium, and there's now a lot that makes it feel Chrome, but there are also some similarities to the old Edge. So, is the new Chromium Edge the best browser ever? Here's a hands-on look.
Computing

DisplayPort and HDMI both connect to screens, but here's how they're different

HDMI and DisplayPort are two of the most popular connectors for hooking up consoles, gaming PCs, TVs, and monitors, but which is best? To find out, we pitted HDMI vs. DisplayPort and compared their best and worst features.