Security researchers from Google’s Project Zero and FireEye have discovered a critical flaw in various versions of Windows, and Microsoft has released an emergency out-of-band patch to deal with the situation.
In a statement of advisory on Monday (July 20), Microsoft informed customers about the issue, warning that the vulnerability could “allow remote code execution if a user opens a specially crafted document or visits an untrusted webpage that contains embedded OpenType fonts.”
They continued, “An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”
Basically, if the vulnerability were exploited, you’d be inadvertently handing operational control of your computer over to a cybercriminal. The potential issues stemming from that are limitless, especially for businesses storing sensitive data on their machines.
Users working with Windows Vista, Windows 7, 8, 8.1 or Windows RT are all affected – that includes users running Windows Server 2008 or later. It should be noted that Microsoft has deemed the software update “critical” for those users. As of now, Microsoft says they believe the flaw is public, but they have no evidence to suggest it’s being actively exploited.
The patch is available now through any typical update methods, including Windows Update. For your protection, it’s crucial to make the update as soon as possible to prevent any issues with your system.
My passion is to make my mark on the world in a positive and lasting way. I want to set an example for my son that his father can compete with integrity in today’s world, be very successful, and leave the world a better place for him.
Combining my technical/business-based education with a long career steadily progressing up the corporate ladder, I decided to build a company that held true to my values. So, I founded and designed the next generation of IT support firm: CTECH Consulting Group Inc. We are a completely automated, cloud-based IT company designed to compete against any other IT firm without the overhead. We promote a lifestyle to all our staff where they can work anywhere, at any time, access any information on any device that is relevant to their job, and collaborate with anyone they want to.