Update: Another Urgent Patch
Jul 21, 2015
A third critical patch has been urgently pushed from Microsoft in the last 24 hours which fixes a vulnerability in Windows Desktop & Server Operating Systems that could lead to full system takeover by an attacker when opening a document or even webpage with a malicious font file embedded within it.
The latest flaw (https://technet.microsoft.com/library/security/MS15-078) resides within the Windows Adobe Type Manager Library and can be exploited easily by attackers when a user opens a document or even a webpage that contains a malicious embedded OpenType font file due to the vulnerability; which would then allow them to take full control of the users system – of which Microsoft is describing the likelihood of exploitation of this flaw as “likely”.
All operating systems from Windows Vista through to current versions of Windows – including server flavours of the OS, are vulnerable. We highly recommend that your install the latest Microsoft updates immediately. After installation of the patch, a computer reboot will be required.
It should be noted that now Server 2003 and Windows XP are no longer supported, fixed for these OS’s won’t be released.
This is another vulnerability that has been made apparent as a direct result of the Italian Surveillance Software Company “Hacking Team” being hacked earlier this month.
As with all past patches, our Tropical Agent clients, and Tropical Cloud Desktop clients are covered as we deploy the updates immediately.
If you have any concerns or questions; or simply need assistance, call 08 8922 0000 or contact us.
Tropical Business Solutions
Director at Tropical Business Solutions