Microsoft warns Windows users of a critical vulnerability that’s used for ‘limited targeted attacks’

Microsoft's Windows zero-day vulnerability couldn't have come at a worse time as millions of users are staying at home or working remotely following the Covid-19 pandemic. The company warned that the zero-day vulnerability is out in open and is being used for "limited targeted attacks." There's no patch for the bug, for now.

Microsoft revealed that the bug exists in the Adobe Type Manager Library that's responsible for managing and rendering some fonts. The loophole allows attackers to inject malicious codes remotely by making the victim open a document that looks like a legit one but has malwares.

ArsTechnica in its report pointed out that the "limited targeted attacks" generally refers to state-backed cyberattacks. In such cases, hackers target very few devices, in some cases, less than a dozen. It's worth noting that Microsoft hasn't elaborated who conducted these limited attacks or users in which areas were affected.

"Two remote code execution vulnerabilities exist in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format," Microsoft said in the advisory.

"There are multiple ways an attacker could exploit the vulnerability, such as convincing a user to open a specially crafted document or viewing it in the Windows Preview pane," it added.

What Windows users can do?

Microsoft said it is working on a patch and is likely to be available in the next patch which the company releases on the second Tuesday of the month. In this case, it would be April 14.

For now, Microsoft has advised a bunch of tips to avoid the bug. For instance, users are recommended to disable preview and details panes in Windows Explorer. Users can also disable the WebClient service.