It has been reported that Microsoft says attackers are exploiting a previously undisclosed security vulnerability found in all supported versions of Windows, including Windows 10 – the company said there is currently no patch for the vulnerability. The security flaw, which Microsoft deems “critical” is found in how Windows handles and renders fonts, according to the advisory posted Monday. The bug can be exploited by tricking a victim into opening a malicious document. Once the document is opened — or viewed in Windows Preview — an attacker can remotely run malware, such as ransomware, on a vulnerable device. The advisory said that Microsoft was aware of hackers launching “limited, targeted attacks,” but did not say who was launching the attacks or at what scale.
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.