Microsoft has warned users about targeted attacks on Windows 7 users that have taken advantage of unpatched vulnerabilities in the Adobe Type Manager Library.
“Two remote code execution vulnerabilities exist in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially crafted multi-master font,” the Microsoft statement read.
There are numerous ways that a cyber-attacker could exploit this, for instance a hacker could convince a user to open a specially crafted document. However, Microsoft has said that so far there has only been a limited number of such attacks.
The company said they are working on a security update to fix the issue and will continue to provide updated guidance to help reduce customer risk until this update is released.
The update is expected to be delivered on the 14th of April.
Microsoft’s current mitigation guidelines and workarounds to reduce the risk of this type of cyber-attack can be found here.
