Alert on multiple vulnerabilities in Microsoft Windows
CERT-EN Alert : Multiple vulnerabilities in Microsoft Windows
CERT-FR issues alert for multiple vulnerabilities in Microsoft Windows that allow arbitrary code to run remotely.
Microsoft said on Monday that it was aware of an uncorrected vulnerability in the Windows Adobe Type Manager library which is actively exploited by hackers. As part of a new safety advisory, Microsoft warns that there are two faults for running code remotely (Bl) Classified Reviews in the library that can be exploited in a number of ways.
The Adobe Type Manager Library used in Microsoft Windows manages fonts for the postscript format. It is loaded when reading a file. The reading of a file can be requested explicitly by the user (opening an attachment) as implicitly performed by an automatic rendering engine (preview of miniatures).
In the field of computer security, a Zero-day vulnerability (in french : Zero-day) is a computer vulnerability was the subject of any publication or having no known fix. The existence of a such flaw on a product mean that no protection exists, whether palliative or final. Zero-day terminology does not qualify the seriousness of the fault : as any vulnerability, its severity depends on the importance of the damage that can be caused, and the existence of a feat, that is a technique exploiting this loophole in order to drive unwanted actions on the product concerned. (Sources)
Cookies allow us to personalize the content and advertisements, to offer social media features and analyze our traffic. We also share information about the use of our site with our partners in social media, advertising and analysis, who can combine these with other information you have provided to them or what they have collected through your use of their services.OKLearn more