Windows Emergency Patch Launched
Microsoft has just launched an emergency patch for Windows which will fix a critical vulnerability found in all the IT giant's supported operating system. The flaw affects Windows Vista, 7, 8, 8.1 and Windows 10, so the company urges anyone who uses one of these products to update as soon as possible. Additionally, Windows Server 2008 and all the newer build of the version are also affected by the vulnerability.
The problem, which was identified by researchers from Google's Project Zero and FireEye, takes advantage of the way Windows handles certain fonts and allows a hacker to potentially take full control over your device. According to Microsoft officials, the vulnerability "allows remote code execution if a user opens a specially crafted document or visits an untrusted webpage that contains embedded OpenType fonts. [..] An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights."
What's really interesting (and a bit scary, to be honest) is that the update has been launched a week after Patch Tuesday, when security fixes are traditionally released by the company. This can only mean that the vulnerability wasn't just public but also actively exploited in certain parts of the world, even though Microsoft states that they have no evidence of such an occurrence. The patch is coming via the Windows Update tool, so download it as soon as possible (in case you don't have the automatic updates feature turned on).
To read Microsoft's advisory on the matter, study the topic posted by the TechNet Security Center.
