Zero-day Windows vulnerability exposed by Hacking Team leak

Hot on the heels of yesterday's Flash vulnerability, the leak of internal documents from Hacking Team has revealed another zero-day vulnerability, this time in a Windows kernel component. Attackers can exploit it to gain administrator privileges on a target system. All versions of Windows from XP up to 8.1 are reported to be affected, in both 32 and 64-bit variants.

The vulnerability resides in the Adobe-provided atmfd.dll, which is a kernel-level driver for rendering OpenType fonts. TrendMicro has a page up with a brief technical description about the vulnerability (which is essentially a buffer underflow), and 360cn has posted an in-depth analysis of the bug. This new bug is not the same one as MS15-021, another Adobe font driver vulnerability, which Microsoft patched back in March.

Microsoft tells The Register that a patch is in the works, and that the vulnerability "could not, on its own, allow an adversary to take control of a machine." Since July's Patch Tuesday is next week, it's possible that a hotfix will be ready by then.

Tip: You can use the A/Z keys to walk threads.
View options

This discussion is now closed.