The defects exist in the Windows Adobe Type Manager Library, which permits apps to handle and render fonts readily available from Adobe Systems. Attackers may make use of the vulnerabilities by getting their targets to open booby-trapped documents or see them in the Windows preview pane.
Microsoft is still working to fix the vulnerabilities. The earliest it will issue a patch is likely April 14th. Microsoft normally releases security updates on Update Tuesday, the second Tuesday of monthly. In the meantime, there are a couple of workarounds, consisting of disabling the sneak peek pane and details pane in Windows Explorer. Microsoft has detailed the actions users should take here.
from WordPress http://troot.net/microsoft-warns-windows-users-of-two-security-holes-already-under-attack-engadget/
Keine Kommentare:
Kommentar veröffentlichen