The exploit, which is fondly referred to as MS15-078, takes advantage of the method in which the system handles third-party fonts. The attacker uses a file or website with a special font embedded in it, and when the system attempts to draw the file, it causes a back door in the code that gives the attacker unfettered access to the system.
Once inside, they can install malicious software, view and change data, and even create an administrative user account without you knowing they’re there at all.
As far as Microsoft can tell, or is willing to admit, no users have been attacked using this method yet, but it was out there in the wild. News of the flaw comes courtesy of the Italian software company Hacking Team, whose software and clients were recently hacked by another group and shared on Twitter. The details of the flaw were uncovered in the shared files by members of a number of different infosec groups, including FireEye and Google’s Project Zero.
The hack affects Windows 7, 8, 8.1, RT, RT 8.1, and Servers 2008 through 2012 R2. The home versions of Windows have already been issued automatic updates, while server users will have to download and patch the issue themselves.
You can also find more detailed information, along with command-line workarounds if you want to seal the leak by hand. The latest Insider Preview for Windows 10 is said to be affected as well, but no patch has been issued, so if that’s you, be careful where you click.
Editors' Recommendations
- The latest Windows update is breaking VPN connections
- Microsoft plans to charge for Windows 10 updates in the future
- Google is creating ‘internet surveillance DRM,’ critics say
- Own an iPhone, iPad, or MacBook? Install this critical update right now
- Lagging in games? This Windows 11 update might fix the problem
