Welcome to WebmasterWorld Guest from 34.201.121.213

Forum Moderators: bill

Message Too Old, No Replies

Microsoft releases emergency patch for all versions of Windows

The flaw allows a hacker to take over a machine

     
10:47 pm on Jul 20, 2015 (gmt 0)

Administrator from JP 

WebmasterWorld Administrator bill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Oct 12, 2000
posts: 15149
votes: 170


http://www.zdnet.com/article/microsoft-releases-emergency-patch-for-critical-windows-flaw/ [zdnet.com]

Microsoft releases emergency patch for all versions of Windows

Microsoft has released an emergency out-of-band patch for a critical flaw, affecting all supported versions of Windows.

The software giant said in an advisory Monday that the vulnerability, if exploited, could "allow remote code execution if a user opens a specially crafted document or visits an untrusted webpage that contains embedded OpenType fonts."

"An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights," the advisory added.
2:03 pm on July 21, 2015 (gmt 0)

New User from US 

5+ Year Member

joined:Feb 18, 2014
posts: 30
votes: 4


Apparently this affects every Windows version from 7 all the way through to Windows 10, including the betas that are out there.
5:25 pm on July 21, 2015 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month

joined:May 9, 2000
posts:26187
votes: 970


I updated and rebooted, just to make sure. No mention of XP, but, then, it's no longer supported.
6:05 pm on July 21, 2015 (gmt 0)

New User from US 

5+ Year Member

joined:Feb 18, 2014
posts: 30
votes: 4


Definitely not XP. You should consider a new computer... ;-)
7:04 pm on July 21, 2015 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member lucy24 is a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month

joined:Apr 9, 2011
posts:15706
votes: 813


You should consider a new computer

The reference to OpenType fonts immediately points to older computers anyway, since Windows has pretty much given up on the .otf venture.
7:44 pm on July 21, 2015 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month

joined:May 9, 2000
posts:26187
votes: 970


Hehe, my xp machine is for testing purposes. ;) all the other windows machines updated fine.
9:17 pm on July 27, 2015 (gmt 0)

Preferred Member

10+ Year Member Top Contributors Of The Month

joined:July 23, 2004
posts:592
votes: 99


Microsoft should put some curtains on their *Windows, and then close them ... go back to the drawing board and start all over from scratch.
1:35 am on July 28, 2015 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 29, 2005
posts:9927
votes: 974


Open Type is not only supported in Windows, it still comes as installs with the operating system (both Windows and Mac). What this patch fixes is Open Type instructions served from hackers, charged payloads, and bad sites.

Keep your mitts off my Open Type! :)

Seriously, this relates to the growing use of font descritpions being used for layout purposes on websites round the world. And a target at the Google Font initiative which helps that along.

Webmasters who break the bleeding edge in fontography on the web with these services only contribute to the hacker's ability to inject foul stuff on your visitors.

Not saying you shouldn't do the "font thing" to make your site pretty, just know you should harden your site the best way you know how....

Else MS will do it for you. :)