Microsoft has just warned of two vulnerabilities in the Adobe Type Manager Library that are being actively exploited. Attacks on the vulnerabilities, which are currently unpatched, could result in remote code execution and are targeted at the Windows 7 OS, with a lower impact on other versions of Windows.
Microsoft has commented that there are a number of ways in which the vulnerabilities can be exploited, including “convincing a user to open a specially crafted document or viewing it in the Windows Preview pane”.
While the vulnerabilities are still unpatched, there are a number of mitigations and workarounds that Microsoft has published. Given that this new vulnerability is actively being exploited, real-time, no-fuss mitigation is essential.
Realtime Mitigation, at Scale
Infinipoint enables you to implement and validate a workaround that mitigates the vulnerability in seconds across all your Windows endpoints, whether on-premise or off-premise and anywhere in the world. Once patches are published for the vulnerability, which is assumed to be on April 14th, Microsoft’s next Update Tuesday, Infinipoint will provide a script that automatically patches the vulnerability in the same way.
Infinipoint is consistently updated with the latest vulnerabilities and advisories across the web, as well as active campaigns, mitigations and remediations. Once a new vulnerability or risk is disclosed, Infinipoint will immediately detect it and offer real-time mitigation or remediation across all IT assets.
This video demonstrates Infinipoint’s easy step-by-step process for mitigating this zero-day vulnerability and others.
In this case, the process is as follows:
- Detect new vulnerabilities as they are published.
- To Mitigate: Implement a workaround – disabling the Preview pane and the Details pane.
- To Remediate: Apply a patch once it becomes available
- Validate the mitigation – obtain immediate indication of success or failure, ensuring no vulnerable assets are found across your IT estate
For any questions or requests, please contact us at info@infinipoint.io or visit us at www.infinipoint.io.
Source: https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/adv200006#march-23-flaw
