It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

Microsoft Releases Emergency Patch ... All Versions

page: 1
7

log in

join
share:

posted on Jul, 21 2015 @ 08:27 PM
link   


Microsoft releases emergency patch for all versions of Windows

The flaw, which also affects Windows 10, allows a hacker to take over a machine.

...

The software giant said in an advisory Monday that the vulnerability, if exploited, could "allow remote code execution if a user opens a specially crafted document or visits an untrusted webpage that contains embedded OpenType fonts."

"An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights," the advisory added.

ZDNet: Microsoft Releases Emergency Patch
for all versions of Windows


-


Proprietary software is so bad that even fonts are a huge risk. This isn’t the first such incident.

It serves also as a reminder for GNU/Linux users because some users continues to install proprietary software from Adobe, despite Free/libre alternatives being equally potent.

Fonts Are Remotely Exploitable

-
Observable Keywords:

Attacker ... Vulnerability ... Exploited ???

( or words to use when describing an ... ai-victim ? )
.

edit on 21-7-2015 by FarleyWayne because: (no reason given)



posted on Jul, 21 2015 @ 08:30 PM
link   
I have no idea what you're on about with your "keywords" or what an "ai-victim" is, but this sounds like a typical security patch...



posted on Jul, 21 2015 @ 08:36 PM
link   
MICROSOFT RELEASES A PATCH!!!

Stop the presses…. Tell me it isn't so….

You mean Windows is not secure?!



posted on Jul, 21 2015 @ 08:45 PM
link   

originally posted by: notmyrealname
MICROSOFT RELEASES A PATCH!!!

Stop the presses…. Tell me it isn't so….

You mean Windows is not secure?!


Lol Thats why Linux is way better.



posted on Jul, 21 2015 @ 08:48 PM
link   
Though scary when it makes headlines, these things are discovered all the time, and all over the ace (web browsers, phones, software, etc).

It's a good thing that people dedicate their profession to finding these holes and vulnerable areas.

This is a perfect example of a true hacker by the way.



posted on Jul, 21 2015 @ 08:50 PM
link   
automatic updates are my friend....get them all the time....but, you know....that's how we stupid people that are called "sheeple"...respond to these type of attacks....



posted on Jul, 21 2015 @ 08:56 PM
link   
First I have heard of dangerous fonts, have heard of some image files doing some pretty nasty things at times as well. Do need to use some care when travelling the internet.



posted on Jul, 21 2015 @ 09:05 PM
link   
a reply to: FarleyWayne

This concerns the OpenType fonts implemented by Adobe but other font technologies have vulnerabilities.

The true-type font rendering engine has been vulnerable since its implementation. This is because the fonts themselves are able to carry code.

When you scale a TT font close to the pixel limit of the display, you can no longer simply reduce the outline, but must cut slivers from the font to reduce it down and retain readability.

The issue arises from determining which slivers of pixels are important and which are perceptually inconsequential. The designer of the font is supposed to put in code which determines what to loose, based upon the aesthetics of human perception. The font definition contains space in which to place that code.

The code need not even be rendering related, anything can be placed there and the standard mechanisms for forcing execution of embedded code be used.

This would not be an issue except that fonts may legitimately be embedded into a document (to ensure the portability of the document and that it appears the same in all circumstances), this then provides a mechanism for propagating that code.

In the '70's I wrote a demo program that used ASCII character coding via ANSI.SYS (part of DOS) to call the DEBUG program, compile its own code and execute it. This was to demonstrate how benign appearing carriers can be co-opted to introduce malicious code. (Fortunately, back then, exploits weren't broadcast over the web for script kiddies to use).



posted on Jul, 21 2015 @ 09:07 PM
link   

originally posted by: PrimeAutobot

originally posted by: notmyrealname
MICROSOFT RELEASES A PATCH!!!

Stop the presses…. Tell me it isn't so….

You mean Windows is not secure?!


Lol Thats why Linux is way better.


Linux uses OpenType and TrueType fonts and is therefore vulnerable.



posted on Jul, 22 2015 @ 12:35 AM
link   
a reply to: FarleyWayne

I really have no idea what this topic is about, and yes I have read it. I still use Windows 7 ad my comp is 6-7 years old. I have had the white flag of uprgarde death for several months on my toolbar warning me that I should uprage to 10 when it comes out. But a strange thing happened to me today that hasn't happned ever. I was unable to connect to the Net, whereas other devices were able to in my house, just not my laptop. I know how to get around such things and the protocol to take, but it was my comp and not my router or wireless, I could not do IPCONFIG or anything, it would not open.

I ran multiple scans and security tests and there was nothing, it just came back saying my IP was fraudulent, and yet I dismissed all firewalls and security and such. after 6 restarts and 5 hours of brainstorming it suddenly worked. I was about to do a full system restore as a last cause and spent an hour backing up what I havent for the last 2 months, but it finally worked, And I have no answer to why it did. The strangest computer problem that just happened to fix itself over time, it doesnt make sense. Even my screen went out saying I didn't have the driver to operate my screen at first. After restart and troubleshooting it kept coming back that my IP would not work for my router or connection.

At least after several hours of cleaning up my comp it runs faster but it doesn't explain why all of a sudden the internet just connects no and didn't before, I was unable to fix it or adjust my IP to fix it since IPCONFIG would just flash and go away even after adminastrator etc. F windows, even after I said F Linux.



posted on Jul, 22 2015 @ 02:55 AM
link   
a reply to: PrimeAutobot
Not used for fun like now but, Whonix on first.



posted on Jul, 22 2015 @ 04:53 AM
link   
a reply to: FarleyWayne

I would suggest the actual is opposite to the claimed.

I don't trust Microsoft at all. No company, no matter how big is able to resist the power of the American industrial military complex, or the regulatory, financial, diplomatic and influential power of the American govt.



posted on Jul, 22 2015 @ 05:05 AM
link   

originally posted by: Azureblue
a reply to: FarleyWayne

I would suggest the actual is opposite to the claimed.

I don't trust Microsoft at all. No company, no matter how big is able to resist the power of the American industrial military complex, or the regulatory, financial, diplomatic and influential power of the American govt.

OK, you don't trust Microsoft. Fine. What about the millions of people who can verify the vulnerability exists as stated, and who go through every patch with a fine-toothed comb? Do you not trust them either?



posted on Jul, 22 2015 @ 06:47 AM
link   
a reply to: FarleyWayne

Isn't that the way Microsoft works? their OS has always been crappy that is why vulnerability patches are always releases like band aids to keep their OS working without falling apart at the seams.

Nothing new just the same old same.




top topics



 
7

log in

join