Critical Windows security vulnerability discovered

Windows 10 Desktop

Microsoft has released a fix for a critical security flaw that impacts all versions of the operating system from Windows 7 through to the most recent beta release of Windows 10. According to CNet, the flaw came to light as a result of the Hacker Team leak that led to the discovery of a critical vulnerability in Adobe Flash earlier this month.

"A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts," Microsoft said in a security bulletin posted yesterday. "An attacker who successfully exploited this vulnerability could take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights."

The ability to execute code from remote could be enabled by opening a "specially crafted document," or even by simply visiting a web page with embedded OpenType fonts. Fortunately, while the information is out in the public, Microsoft said it has no evidence that it's ever actually been used in an attack. Also fortunate is that Windows users with automatic updates enabled won't have to do anything, as the fix will be downloaded and installed automatically.

The rest of you will have to be a bit more hands-on if you want to dodge this particular bullet, however. Find out what you need to do (and dig into whatever other details you find interesting) at Microsoft's Security TechCenter.

Andy Chalk
US News Lead

Andy has been gaming on PCs from the very beginning, starting as a youngster with text adventures and primitive action games on a cassette-based TRS80. From there he graduated to the glory days of Sierra Online adventures and Microprose sims, ran a local BBS, learned how to build PCs, and developed a longstanding love of RPGs, immersive sims, and shooters. He began writing videogame news in 2007 for The Escapist and somehow managed to avoid getting fired until 2014, when he joined the storied ranks of PC Gamer. He covers all aspects of the industry, from new game announcements and patch notes to legal disputes, Twitch beefs, esports, and Henry Cavill. Lots of Henry Cavill.

Latest in Windows
Microsoft Copilot
A rather pleasing Windows 11 update bug automatically uninstalls Copilot and unpins it from the taskbar, which is jolly nice of it
Microsoft's Task Manager in Windows 11
After years of complaints about Windows Task Manager displaying CPU utilization incorrectly, a fix is finally on its way
Microsoft Windows 11
The latest Windows 11 dev build gives you the ability to snap together commonly paired apps for access in a single click, and I'm already sold
Windows 11's new emoji button in the taskbar.
You might mock Microsoft's new emoji button in Windows 11 but as someone that's explained how to quickly access emojis and special characters too many times, I get it
Windows 10 operating system logo is displayed on a laptop screen for illustration photo. Gliwice, Poland on January 23, 2022.
Valve's monthly survey reveals that almost 45% of Steam users on PC are still using Windows 10 even with the sword of Damocles hanging over them
Microsoft Windows 11
If you installed Windows 11 with certain security updates and a USB stick, you may not get any more security updates warns Microsoft
Latest in News
A gigantic terracotta sentinel made of living armor
Total War: Warhammer 3's army of Cathay has broken containment and is making its way to tabletop Warhammer at last
Two brightly colored stormtroopers dressed like Run-DMC stand in front of PAX Australia's WELCOME HOME banner.
Tickets for PAX Australia 2025 are on sale now
An Enshrouded player in a recreation of Erebor from The Lord of the Rings
Kings under the Mountain! 33 Enshrouded players spent 10,000 hours to recreate this iconic location from The Lord of the Rings
A mech awakens.
Mecha Break developer is considering unlocking all mechs following open beta feedback
Lara Croft Unified Art
Tomb Raider developer Crystal Dynamics lays off 17 employees 'to better align our current business needs and the studio's future success'
A long bendy arm stealing money from people in a subway car
'You're a very long arm. You steal things. It's a comedy game,' explains developer of comedy game where you steal things with a very long arm