Microsoft has recently acknowledged two zero-day vulnerabilities in Windows, confirming that it’s aware of attacks happening in the wild already.
Specifically, the font parsing remote code execution bugs in Windows come from the Adobe Type Manager Library, which Microsoft uses to render fonts in the operating system.
“Two remote code execution vulnerabilities exist in Microsoft Windows once the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font – Adobe Type 1 PostScript format,” Microsoft says.
Despite attacks already happening in the wild, there’s no rush to patch the flaws, it seems, and Microsoft says a fix will probably land next month. What this means is we might need to hold back until April 14 when the next Patch Tuesday updates go live officially for all Windows users.
“Microsoft understands this vulnerability and working on the fix. Updates that address security vulnerabilities in Microsoft software are usually released on Update Tuesday, the second Tuesday of each month. This predictable schedule allows for partner quality assurance also it planning, which helps maintain the Windows ecosystem as a reliable, secure choice for our customers,” Microsoft says.
There are several methods to exploit the vulnerability, and something of these is opening a crafted document specifically created to make use of the bug within the Windows Explorer preview pane.
So technically, the workaround is dependant on this: disabling the preview pane and also the details pane in File Explorer.
This workaround pertains to all Windows versions, as File Explorer is offered as the pre-loaded file manager within the operating system. The steps, however, really are a quite different with respect to the version of Windows that you simply run on the unit.
Open File Explorer on the tool and then follow these steps:
View tab > Clear Details pane + Preview Pane > Options > Change folder and search options > View > Advanced settings > Always show icons, never thumbnails
At this point, the preview ought to be disabled, so you need to relaunch File Explorer in order to save your settings.
Nearly exactly the same steps work because well, having a small difference:
File Explorer > Organize > Layout > Clear Details pane + Preview pane > Organize > Folder and check options > View > Advanced settings > Always show icons, never thumbnails
What you ought to do know is when you make these changes, File Explorer won’t display OTF fonts automatically, to want to reset these steps when a patch is published. To do this, just follow the aforementioned steps and uncheck the last option.
“Disabling the Preview and Details panes in Windows Explorer prevents the automated display of OTF fonts in Windows Explorer. Although this prevents malicious files from being viewed in Windows Explorer, it does not prevent a local, authenticated user from managing a specially crafted program to exploit this vulnerability,” Microsoft explains.
The next Patch Tuesday, due on April 14, will likely resolve the vulnerabilities within the supported Windows versions. This is actually the most essential thing, as despite Windows 7 also being vulnerable, it’s no longer getting updates, therefore it’ll remain open to attacks.
Windows 7 reached no more support in January this season, so users still running it are recommended to switch to Windows 10 for security reasons. All Windows 10 versions can get cumulative updates around the next Patch Tuesday, albeit only the newest are supported for home users.