Hackers are exploiting a zero-day vulnerability in the Windows 7 OS to take over systems, Microsoft said in a security alert today.

The zero-day is located in the Adobe Type Manager Library (atmfd.dll), a library that Microsoft uses to render PostScript Type 1 fonts inside multiple versions of the Windows OS.

Microsoft says there are two remote code execution (RCE) vulnerabilities in this built-in library that allow attackers to run code on a user’s system and take actions on their behalf.

“There are multiple ways an attacker could exploit the vulnerability, such as convincing a user to open a specially crafted document or viewing it in the Windows Preview pane,” the company said.

The company described the current attacks exploiting the zero-day as “limited” and “targeted.” The attacks were primarily aimed at Windows 7 systems; however, other Windows versions are also impacted.

By Enrico

My greatest passion is technology. I am interested in multiple fields and I have a lot of experience in software design and development. I started professional development when I was 6 years. Today I am a strong full-stack .NET developer (C#, Xamarin, Azure)

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: