Microsoft published an advisory about a couple of new font parsing vulnerabilities in Windows on March 23, 2020. The company rated the vulnerability as critical and stated that it was aware of limited targeted attacks exploiting the vulnerability.
Microsoft listed several workarounds to mitigate attacks, but all of them reduce functionality for users in one way or another.
Microsoft has yet to release a security patch that addresses the issue for all versions of Windows affected by the vulnerability.
Security company 0Patch is well known for its pledge to create and distribute patches for the Windows 7 and Windows Server 2008 R2 operating systems, which ran out of official support this year. While business and Enterprise customers may extend support by up to three years, home users cannot do so officially, which is where 0Patch's patches come in.
Microsoft already announced that it will not provide the font parsing patch for unsupported versions of Windows 7, while it will provide it to companies and Enterprise organizations that have joined the ESU program to receive Extended Security Updates.
0Patch announced today that it has created a micropatch for the font parsing vulnerability that affects all major client and server versions of the Windows operating system.
A blog post on the official 0Patch blog lists the official information and analyzes the workarounds that Microsoft posted. While all work to a degree, all have disadvantages that 0Patch highlights. Disabling the preview pane, details pane and thumbnails in Windows Explorer, for instance, only blocks attacks when the file manager is used, but it won't protect against other attack vectors.
The team analyzed the vulnerability, which it had to do since Microsoft didn't disclose details about it, and found a solution that it turned into a micropatch.
Basically, what 0Patch did was put a bouncer in front of font operations that rejects Adobe Type 1 PostScript fonts, so that the vulnerability can't be exploited.
So we decided to find the common execution point that various Windows applications such as Windows Explorer, Font Viewer, and applications using Windows-integrated font support are using to pass a font to Windows, then place a bouncer there that would keep Adobe Type 1 PostScript fonts out.
The blog post goes into detail, and users interested in additional information may check it out to learn more about the implementation.
All administrators need to do is install the micropatch on the system to protect it against the vulnerability.
With this micropatch in place, all applications using Windows GDI for font-related operations will find any Adobe Type 1 PostScript fonts rendered invalid and unable to load. For instance, Windows Explorer will start looking like this when viewing a folder with a pair of otherwise valid PFM and PFB files.
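As an added illustration of the "bouncer" idea described above, the following Python script shows what such a gate looks like at the file level. It is example code written for this article, not 0Patch's micropatch (which hooks an internal Windows execution point that this script does not touch): it parses the PFB segment wrapper and the PostScript header that open an Adobe Type 1 font, refuses such fonts in a hypothetical loader function, and can inventory a directory so an administrator can see which systems still hold PFB/PFA files. The sample font bytes are constructed inline; PFM metrics files are reported by extension only, a simplification.

```python
import os
import struct
import sys
from dataclasses import dataclass

# PFB segment wrapper: 0x80, segment type, 4-byte little-endian length, body.
PFB_MARKER = 0x80
PFB_ASCII, PFB_BINARY, PFB_EOF = 1, 2, 3
# The PostScript header that opens the clear-text part of a Type 1 font.
TYPE1_SIGNATURES = (b"%!PS-AdobeFont", b"%!FontType1")


@dataclass
class Verdict:
    is_type1: bool
    reason: str


def classify_font_bytes(data: bytes) -> Verdict:
    """Decide whether the bytes are an Adobe Type 1 font (PFA or PFB form)."""
    # Bare PFA: the PostScript text starts at offset 0.
    if data.startswith(TYPE1_SIGNATURES):
        return Verdict(True, "PFA: Type 1 PostScript header at offset 0")
    if not data or data[0] != PFB_MARKER:
        return Verdict(False, "no Type 1 PostScript signature")
    # PFB: walk the segment headers and inspect the first ASCII segment.
    offset, first_ascii = 0, None
    while offset + 2 <= len(data) and data[offset] == PFB_MARKER:
        seg_type = data[offset + 1]
        if seg_type == PFB_EOF:
            break
        if seg_type not in (PFB_ASCII, PFB_BINARY):
            return Verdict(False, f"PFB: unknown segment type {seg_type}")
        if offset + 6 > len(data):
            return Verdict(False, "PFB: truncated segment header")
        (length,) = struct.unpack_from("<I", data, offset + 2)
        body = data[offset + 6:offset + 6 + length]
        if len(body) != length:
            return Verdict(False, "PFB: segment length exceeds file size")
        if seg_type == PFB_ASCII and first_ascii is None:
            first_ascii = body
        offset += 6 + length
    if first_ascii is not None and first_ascii.startswith(TYPE1_SIGNATURES):
        return Verdict(True, "PFB: first ASCII segment carries a Type 1 header")
    return Verdict(False, "PFB wrapper without a Type 1 header")


def bouncer(data: bytes) -> bytes:
    """Gate in front of a hypothetical font loader: reject Type 1, pass the rest."""
    verdict = classify_font_bytes(data)
    if verdict.is_type1:
        raise ValueError(f"Type 1 font rejected: {verdict.reason}")
    return data


def scan_directory(root: str) -> list:
    """Inventory helper: list (path, reason) for every Type 1 font under root."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if name.lower().endswith(".pfm"):
                hits.append((path, "PFM metrics file (matched by extension only)"))
                continue
            try:
                with open(path, "rb") as fh:
                    data = fh.read()
            except OSError:
                continue
            verdict = classify_font_bytes(data)
            if verdict.is_type1:
                hits.append((path, verdict.reason))
    return hits


def build_pfb(segments) -> bytes:
    """Construct a PFB byte string from (type, body) pairs, for the samples below."""
    out = bytearray()
    for seg_type, body in segments:
        out += bytes([PFB_MARKER, seg_type]) + struct.pack("<I", len(body)) + body
    out += bytes([PFB_MARKER, PFB_EOF])
    return bytes(out)


# Constructed samples: a minimal PFB-wrapped Type 1 font and a TrueType-looking header.
SAMPLE_PFB = build_pfb([
    (PFB_ASCII, b"%!PS-AdobeFont-1.0: ConstructedSample 001.000\n"),
    (PFB_BINARY, b"\x00\x01\x02\x03"),
])
SAMPLE_TTF = b"\x00\x01\x00\x00" + b"\x00" * 12


if __name__ == "__main__":
    for label, blob in (("sample.pfb", SAMPLE_PFB), ("sample.ttf", SAMPLE_TTF)):
        try:
            bouncer(blob)
            print(f"{label}: allowed")
        except ValueError as exc:
            print(f"{label}: {exc}")
    # Optional: inventory a directory given on the command line, e.g. a Fonts folder.
    if len(sys.argv) > 1:
        for path, reason in scan_directory(sys.argv[1]):
            print(f"{path}: {reason}")
```

The length check on each PFB segment matters: a font whose segment header claims more bytes than the file holds is the kind of malformed input a parser must refuse rather than read past, and the classifier reports it instead of trusting the header.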
The patch is available for free for Windows 7 64-bit and Windows Server 2008 R2 without Extended Security Updates. 0Patch plans to create patches for the ESU versions of Windows 7 and Windows Server 2008 R2, as well as for Windows 8.1 and Windows Server 2012, soon.
Windows 10 and Server won't receive the patch, as these systems face less of a risk from the vulnerability than earlier versions of Windows.
Here is a video by the company:
Now You: Do you use 0Patch software to micropatch vulnerabilities?