Microsoft has alerted billions of Windows users to two critical security holes that can be actively exploited by hackers. The technological giant explains that, through vulnerabilities, cybercriminals can take control of equipment and operate it remotely.
According to Microsoft, all Windows operating systems may be at risk. The flaws in question are present in the Windows Adobe Type Manager Library, which allows applications to manage and render Adobe fonts. In practice, vulnerabilities can be used to access documents stored on devices, whether personal or professional.
To exploit the flaws, hackers deceive victims by convincing them to open seemingly benign documents. When opened, attackers can infect the system with malicious software, such as ransomware.
Microsoft admits that it is still working to repair the weaknesses. The company estimates to have a patch ready by next April 14th. Until then, the North American technology asks the user to pay extra attention and to take precautions to be protected against potential attacks. To try to mitigate the problem, users can take a number of measures, which can be found on the company's website.
It is recalled that, even this month, Microsoft released a security update for a critical Windows 10 vulnerability. The security flaw that allowed attackers to remotely execute malicious code and spread it on numerous computers had been accidentally released by company in this ms.
When exploited, the security flaw could give rise to a chain of attacks similar to the WannaCry ransomware in 2017. Also in June 2019, the BlueKeep vulnerability, also known as CVE-2019-0708, launched a panic among operating system users. from Microsoft, prompting the company to take additional security measures.
