Critical Vulnerabilities in Microsoft Windows Adobe Type Manager Library

Published on 24 Mar 2020

Updated on 24 Mar 2020

Microsoft has issued a security advisory regarding two critical vulnerabilities found in Windows Adobe Type Manager Library. There are reports of limited targeted attacks exploiting these vulnerabilities in the wild.

The two remote code execution vulnerabilities exist in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format.

A patch for the vulnerabilities in Windows Adobe Type Manager Library is currently not available yet. However, Microsoft has recommended possible workarounds to minimise the impact of the vulnerabilities. Users and System Administrators are advised to apply the workaround measures immediately.

More information is available here:
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/adv200006