Conversation

Notices

1. LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Monday, 23-Mar-2020 22:34:00 UTC LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}
   Oh, wonderful. A #Zero-day with #RCE on #Windows ... currently unpatched.
   
   See: https://freeradical.zone/@tek/103874683857159931
   
   #security #infosec
   • GeniusMusing (geniusmusing@nu.federati.net)'s status on Monday, 23-Mar-2020 23:47:43 UTC GeniusMusing

     in reply to
     @lnxw48a1
     ADV200006 Type 1 Font Parsing Remote Code Execution Vulnerability
     https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/adv200006#ID0EMGAC
     
     >Microsoft is aware of limited targeted attacks that could leverage un-patched vulnerabilities in the Adobe Type Manager Library, and is providing the following guidance to help reduce customer risk until the security update is released.
     
     So is it adobe or M$ that has the issue, adobe has had quite a few issues recently.
     LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} repeated this.
   • GeniusMusing (geniusmusing@nu.federati.net)'s status on Tuesday, 24-Mar-2020 00:00:15 UTC GeniusMusing

     in reply to

     • GeniusMusing
     @lnxw48a1 I just checked on a Win10 VM with no adobe products on it and while I don't have the atmfd.dll referenced I did have a atmlib.dll from adobe.
     LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} repeated this.