Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

mardi 24 mars 2020

Remote-Code-Execution Vulnerabilities in All Versions of Windows (CERT-EU Security Advisory 2020-017)

On the 23th of March 2020, Microsoft released a security advisory for two remote-code-execution vulnerabilities affecting all versions of Windows. The two vulnerabilities are linked to the Adobe Type Manager Library. An attacker could exploit these vulnerabilities by convincing a user to open or preview a specially crafted document. Microsoft is aware of ongoing attacks which could exploit these 0-days vulnerabilities. A patch is not available yet but Microsoft provides advice on workarounds to limit the exploitability of the vulnerabilities.

Lien vers l'article source

Auteur: Cert EU

Catégories: CertEUNombre de vues: 281


Événements SSI