Home Zero-day Windows vulnerability exposed by Hacking Team leak
News

Zero-day Windows vulnerability exposed by Hacking Team leak

Bruno Ferreira
Disclosure
Disclosure
In our content, we occasionally include affiliate links. Should you click on these links, we may earn a commission, though this incurs no additional cost to you. Your use of this website signifies your acceptance of our terms and conditions as well as our privacy policy.

Hot on the heels of yesterday's Flash vulnerability, the leak of internal documents from Hacking Team has revealed another zero-day vulnerability, this time in a Windows kernel component. Attackers can exploit it to gain administrator privileges on a target system. All versions of Windows from XP up to 8.1 are reported to be affected, in both 32 and 64-bit variants.

The vulnerability resides in the Adobe-provided atmfd.dll, which is a kernel-level driver for rendering OpenType fonts. TrendMicro has a page up with a brief technical description about the vulnerability (which is essentially a buffer underflow), and 360cn has posted an in-depth analysis of the bug. This new bug is not the same one as MS15-021, another Adobe font driver vulnerability, which Microsoft patched back in March.

Microsoft tells The Register that a patch is in the works, and that the vulnerability "could not, on its own, allow an adversary to take control of a machine." Since July's Patch Tuesday is next week, it's possible that a hotfix will be ready by then.

Latest News

Key Gig Economy Statistics 
Statistics

2024 Gig Economy Statistics: Unveiling 85+ Remarkable Insights

Over 8 Years of Inactivity, Pre-Mined Ethereum Wallet with 1,000 Coins Awakens
Crypto News

Over 8 Years of Inactivity, Pre-Mined Ethereum Wallet with 1,000 Coins Awakens

As the Ethereum price begins posting notable strides, dormant ETH addresses are beginning to awaken. According to a recent report, a wallet holding 1,000 Ether, which has remained inactive for nearly...

Institutional Players Invested $86 Billion in Bitcoin in 6 Months, Details Unveiled
Crypto News

Institutional Players Invested $86 Billion in Bitcoin in 6 Months, Details Unveiled

Bitcoin has witnessed a remarkable surge in institutional investment, with a staggering $86 billion pouring into the market over the past six months.  This influx of capital, as revealed by...

Former FTX Executives Face $1.3M Settlement in Class Lawsuit
Crypto News

Former FTX Executives Face $1.3M Settlement in Class Lawsuit

Fidelity Joins the Ethereum ETF Race With Staking Option Included
Crypto News

Fidelity Joins the Ethereum ETF Race With Staking Option Included

US Supreme Court Reviews Government Meddling In Content Moderation on Social Media
Streaming News & Events

US Supreme Court Reviews Government Meddling In Content Moderation on Social Media

Sam Bankman-Fried
News

Sam Bankman-Fried Sentenced to 25 Years in Prison for Fraud and Conspiracy