Windows Zeroday Actively Exploited: Type 1 Font Parsing Remote Code Execution Vulnerability, (Mon, Mar 23rd)
Microsoft announced limited exploitation of a zeroday remote code execution vulnerability in the type 1 font parser.
There are two RCE vulnerabilities in Windows Adobe Type Manager Library on Windows system, when parsing Adobe Type 1 PostScript format. There are multiple attack vectors, like documents.
Microsoft is working on a patch.
Following mitigation actions can be taken:
Disable the Preview Pane and Details Pane in Windows Explorer
Disable the WebClient service
Microsoft advisory ADV200006
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.