Microsoft has patched a critical bug that was affecting all versions of Windows. The company released an off-schedule update in order to deal with the security lapse. According to reports, the bug allowed hackers to remotely execute malicious code on computers running the Windows operating system. It was detected in the mechanism by which the Windows Adobe Type Manager Library deals with fonts using the Microsoft OpenType format.
When exploited, the bug can give a an attacker full control over the system. The remote execution begins when the user visits a malicious website that contain OpenType fonts, or when users try to open a specially created document that contains these fonts. The attacker can then install malicious programs into the system that manipulate data on it. In addition, an attacker could even create completely new user accounts on the Windows run system, giving themselves full rights.
Almost every major version of Windows was affected, including Windows Vista, Windows 7, Windows 8, Windows RT, Windows 8.1, Windows RT 8.1, Windows 2012 and Windows Server 2008. Not only that, even the preview builds of Windows 10 were affected by the bug, as were outdated versions like Windows XP and Windows Server 2003. Note that neither Windows XP, nor Windows Server 2003, are eligible for updates from Microsoft any more.
The update will download automatically as long as you’ve chosen the appropriate settings. In case you haven’t though, you can simply go here and download the update relevant to your PC.