Two Critical New Windows 0Days Being Actively Exploited – No Patch Yet


All currently supported versions of Microsoft Windows (server and desktop) are exposed to two new remote code execution (RCE) vulnerabilities which are being actively exploited in the wild in “limited targeted attacks” — and there’s no patch yet.

The new Windows 0days are in atmfd.dll: a kernel module that is provided by Windows and which provides support for OpenType fonts. (While known, in full, as “Adobe Type Manager Font Driver”, it is Microsoft’s code, not Adobe’s).

Security experts at France’s Orange Cyberdefense said if atmfd.dll was not present on a machine (it

To see the full content, share this page by clicking one of the buttons below
Click on a tab to select how you'd like to leave your comment

Leave A Reply

Your email address will not be published.