Microsoft has released an emergency update to patch a security bug that allows attackers to remotely execute malicious code on computers running every supported version of Windows.

The critical vulnerability, which is present in all supported version of Windows, involves the way the Windows Adobe Type Manager Library handles fonts that use Microsoft’s OpenType format. The bug allows attackers to take complete control of vulnerable computers. Attackers can exploit it by luring targets to booby-trapped websites or by tricking a target into opening a malicious file.

There are no indications at the moment that the vulnerability is being actively exploited in the wild. Still, the unscheduled issuance on Monday is an indication that the chances of exploitation are high enough to merit installation as soon as possible.

Read 3 remaining paragraphs | Comments

Link to article:

Microsoft issues emergency patch for critical vulnerability in Windows