Microsoft Emergency Patch Fixes Rogue Font Hacking Team Vulnerability

Microsoft has rushed to fix a ‘critical’ remote execution flaw discovered in files related to the attack on controversial Italian surveillance tools developer Hacking Team, and has released a patch for all supported versions of Windows.

According to a Microsoft advisory, a rogue, specially crafted font could allow an attacker to gain access to an affected system – a threat deemed serious enough for the company to release a patch outside the usual Patch Tuesday update cycle.

Windows Update

“A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts,” said Microsoft. “An attacker who successfully exploited this vulnerability could take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

“There are multiple ways an attacker could exploit this vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage that contains embedded OpenType fonts. The update addresses the vulnerability by correcting how the Windows Adobe Type Manager Library handles OpenType fonts.”

Microsoft says it believes information about the vulnerability is in the public domain, but is not aware of any incidents of it being exploited in the wild. The most recent Patch Tuesday fixed two zero-day vulnerabilities found in 400GB worth of files uncovered in the Hacking Team attack.

This latest update is available for Windows Vista, 7, 8 and RT as well as Windows Server 2008, but not Windows XP or Windows Server 2003, support for both of which has ended. If an administrator is unable to patch immediately, Microsoft’s advisory does provide a number of workarounds for supported systems.

Are you a security pro? Try our quiz!