Zero-day Windows vulnerability exposed by Hacking Team leak


— 9:13 AM on July 8, 2015

Hot on the heels of yesterday's Flash vulnerability, the leak of internal documents from Hacking Team has revealed another zero-day vulnerability, this time in a Windows kernel component. Attackers can exploit it to gain administrator privileges on a target system. All versions of Windows from XP up to 8.1 are reported to be affected, in both 32 and 64-bit variants.

The vulnerability resides in the Adobe-provided atmfd.dll, which is a kernel-level driver for rendering OpenType fonts. TrendMicro has a page up with a brief technical description about the vulnerability (which is essentially a buffer underflow), and 360cn has posted an in-depth analysis of the bug. This new bug is not the same one as MS15-021, another Adobe font driver vulnerability, which Microsoft patched back in March.

Microsoft tells The Register that a patch is in the works, and that the vulnerability "could not, on its own, allow an adversary to take control of a machine." Since July's Patch Tuesday is next week, it's possible that a hotfix will be ready by then.

Like what we're doing? Pay what you want to support TR and get nifty extra features.
Top contributors
1. BIF - $340 2. Ryu Connor - $250 3. mbutrovich - $250
4. YetAnotherGeek2 - $200 5. End User - $150 6. Captain Ned - $100
7. Anonymous Gerbil - $100 8. Bill Door - $100 9. ericfulmer - $100
10. dkanter - $100
   
Register
Tip: You can use the A/Z keys to walk threads.
View options

This discussion is now closed.