Microsoft Warns of Hackers Exploiting Unpatched Windows Bugs

Items skipped during a quick scan

Items skipped during a quick scan

Regardless, some users are reporting a Windows Defender pop-up message saying that it has skipped a file "due to exclusion or network scanning settings".

Along with revealing this huge Window 10 news, Microsoft has also teased its one billion fans with a new update that looks set to arrive very soon with the firm boasting that it's been "designed for a new era".

Hackers are exploiting an unpatched Windows security vulnerability that tricks users into opening a malicious document and then remotely runs malware on the system. "There are multiple ways an attacker could exploit the vulnerability, such as convincing a user to open a specially crafted document or viewing it in the Windows Preview pane".

Microsoft says that a fix for the vulnerabilities is now being developed and hints at a future release coming during next month's Patch Tuesday (on April 14).

Italy shuts all non-strategic business activities until April 3
Sun Shuopeng said he was shocked to see so many people walking around, using public transportation and eating out in hotels. With 546 most of the deaths on Saturday were in the Milan region registered in the northern Italian region of Lombardy.


U.S. Futures Drop, Yen Gains, Bond Yields Rise: Markets Wrap
The week's trading halted before it even started, with the S&P 500 triggering a "limit down" threshold in premarket activity. Investors anxious that the central bank actions may be insufficient for companies facing a sharp slide in demand.


Remaining cruise ship passengers return to Wisconsin
It visited Napier Port on Sunday, March 15, before cruise ships were prohibited from docking due to fears of the spread of Covid-19.


The remote code execution vulnerabilities are found in the Adobe Type Manager Library (atmfd.dll) that is used by Windows to render PostScript Type 1 fonts inside of Windows.

The software giant typically releases its security fixes on the second Tuesday of each month, but occasionally issues out-of-band patches in severe cases. For systems running supported versions of Windows 10, Microsoft said a successful attack could only result in code execution within an AppContainer sandbox context with limited privileges and capabilities.

Microsoft said only that it's aware of "limited targeted attacks". Microsoft says Windows 7, Windows Server 2008, or Windows Server 2008 R2 will need an ESU license to get patched. This includes disabling the Preview Pane and Details pane in the Windows File Explorer.

Microsoft has provided some possible workarounds for the issue here. For example, disabling the preview pane in Windows Explorer will prevent a malicious file from being viewed, but it doesn't stop local attacks and Open Type fonts won't be automatically displayed. The company is now working on a patch to solve the issue. Third-party applications that install OpenType fonts natively could be affected by this change, according to Microsoft.

Latest News