Microsoft patches vulnerability that gave attackers wide-reaching remote

The bulletin goes on to say that if successful an attacker would be able to install programs, delete, change, or view data, as well as create user accounts with full user rights.

Advertisement

Redmond has pushed out a “critical” security update on Monday, for all supported versions of Windows, including the Windows 10 previews.

The company’s update labeled MS15-078 has fixed a flaw in the rendering of OpenType fonts which is jointly created by Adobe and Microsoft.

Given that the flaw affects every now supported version of Windows, including Windows RT and Windows Server, it’s highly likely the bug will also reside in Windows XP, for which Microsoft no longer issues security updates.

Microsoft decided not to wait until its regularly scheduled monthly security update, known as “Patch Tuesday”, to issue a fix.

Thankfully, this critical Windows update will put a stop to this vulnerability, as it corrects how Windows Adobe Type Manager Library tackles OpenType fonts, which is how hackers gain access to your system.

If your system doesn’t qualify, then you’re going to have to upgrade your hardware before you upgrade your operating system. This is Microsoft’s Windows 10 slogan.

In the spirit of search, Microsoft is introducing the Cortana personal assistant into Windows 10 PCs, after previously only making it available on Windows Phone.

“Since Microsoft has stated that they have no indication that this vulnerability was used to attack customers, it begs the question, why release an out-of-band patch in the first place?”

There are multiple ways an attacker could exploit the vulnerability, mostly via social engineering.

Advertisement

On top of that, the new OS also promises that future kids will not have to worry about remembering passwords or about security as Windows 10 will take care of that.

Microsoft plugs gaping security hole with KB 3079904 KB 3074667