Microsoft Reveals New Windows Vulnerability That Allows Hackers to Remotely Run Malware on PCs

Microsoft has said that it is working on a fix. In the meantime, the company suggested few temporary measures.

Advertisement
By Darab Mansoor Ali | Updated: 24 March 2020 16:50 IST
Highlights
  • Microsoft issued an advisory for the new Windows vulnerability
  • Microsoft has suggested temporary measures till the next security update
  • The vulnerability involves Adobe’s Type Manager Library

Hackers can remotely run malware if they successfully exploit the vulnerability

Microsoft has found a previously undisclosed vulnerability its Windows operating system for PCs. The vulnerability can be found in all supported versions of Windows, including Windows 10. Microsoft announced the vulnerability in an advisory, which said that it is being exploited in the form of limited targeted attacks. It means that if a hacker successfully pulls off an attack on a computer, they could remotely run a malware on the victim's device. The vulnerability involves Adobe's Type Manager Library that is used to render fonts in Windows.

In its advisory, Microsoft said that the limited targeted attacks that could leverage unpatched vulnerabilities in the Adobe Type Manager Library, through which an attacker can leverage fonts. The company further provided guidelines to users in order to minimize the risk until a security update is released. Using this vulnerability, an attacker can trick a user into opening a specially crafted document or view it in the Windows Preview pane, through which they can remotely run a malware or a malicious code on a victim's device.

Advertisement

"There are multiple ways an attacker could exploit the vulnerability, such as convincing a user to open a specially crafted document or viewing it in the Windows Preview pane," the Microsoft advisory said. The vulnerability has been rated 'critical,' Microsoft's highest rating.

Now, although Microsoft has said that it is working on a fix, the company notes that updates to address security vulnerabilities are usually released as part of Update Tuesdays, which is the second Tuesday of every month. In the meantime, it has listed out instructions for a few temporary workarounds in the advisory, like disabling Preview Pane and Details Pane in Windows Explorer. Microsoft has also listed out the Windows versions that are affected by this vulnerability.

Advertisement

In its statements to The Verge and TechCrunch, Microsoft said that the security patch for this vulnerability will land on the next Update Tuesday, slated for April 14.

 

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Advertisement

Related Stories

Popular Mobile Brands
  1. Here's Our First Look of the Nothing Phone 4b 'RCB Edition' Variant
  2. iPhone 18 Pro Max Might Arrive With Apple's Biggest Battery Yet
  3. Garmin Forerunner 70, Forerunner 170, Forerunner 170 Music Debut in India
  4. DJI Mic Mini 2S Launched With 32-Bit Float Recording, AI Noise Cancellation
  5. Vivo X500 Camera Details Surface Online After X500 Pro Max Leaks
  6. Huion's 2026 India Lineup Defines Next-Gen Creativity
  7. Amazon Prime Day Sale: Early Deals on Smartphones From Top Brands Revealed
  8. Flipkart GOAT Sale: Top Early Deals on Smartphones, Tablets and More
  1. Sony Reportedly Restructures Disc Factory After Announcing End of Physical Game Discs on PlayStation
  2. Redmi 17 5G NCC, SIRIM Certification Listings Reportedly Reveal Battery and Charging Details
  3. Samsung Galaxy S27, Galaxy S27+ Said to Feature 'Privacy Display'; Ultra Model Might Get Selfie Camera Upgrade
  4. Asus Vivobook 15 (2026) With Intel Core 5 Series 3 CPU Launched in India: Price, Features
  5. Bitcoin Climbs Above $61,600 as Weak US Jobs Data Boosts Crypto Investor Sentiment
  6. iPhone 18 Pro Max Might Arrive With Apple's Biggest Smartphone Battery to Date, Latest Leak Suggests
  7. Vivo X500 Camera Specifications Leaked; 64-Megapixel Periscope Telephoto Camera Tipped
  8. Lenovo Legion Y700 AI Tablet Confirmed to Launch in August; Company Teases Gaming Tablet's Design
  9. iPhone 18 Pro to Feature Apple's C2 Modem Globally, Qualcomm Chip in the US: Report
  10. Xbox Will Reportedly Allow Users to Digitise Physical Games, Ship Project Helix Without Disc Drive
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.