{"id":5802,"date":"2020-03-27T09:31:01","date_gmt":"2020-03-27T09:31:01","guid":{"rendered":"https:\/\/www.miradore.com\/?post_type=learn&p=5802"},"modified":"2024-01-18T14:59:11","modified_gmt":"2024-01-18T12:59:11","slug":"unpatched-security-vulnerabilities-microsoft-adobe-type-manager-library","status":"publish","type":"post","link":"https:\/\/www.miradore.com\/blog\/unpatched-security-vulnerabilities-microsoft-adobe-type-manager-library\/","title":{"rendered":"How to Implement Workarounds for Unpatched Security Vulnerabilities in the Microsoft Windows Adobe Type Manager Library (ADV200006)"},"content":{"rendered":"

Adobe Type Manager font library (atmfd.dll) used in Microsoft Windows has been reported to contain unpatched security vulnerabilities. These vulnerabilities exist in all current Windows versions including Windows Server versions.<\/strong><\/p>\n

There are already known exploits for these vulnerabilities. By exploiting the vulnerability attacker could achieve a possibility to execute remote code on the target system. An attack can be done for example by persuading the user to open a document containing the malicious code, or even viewing this document in preview mode.<\/p>\n

<\/span>Workarounds<\/span><\/h2>\n

Microsoft has not yet released a fix for the vulnerability but lists three possible workarounds in their Security Advisory: ADV200006 | Type 1 Font Parsing Remote Code Execution Vulnerability<\/a>:<\/p>\n

    \n
  1. Disable Preview Pane and Details pane in Windows Explorer<\/li>\n
  2. Disable WebClient service<\/li>\n
  3. Rename ATMFD.DLL<\/li>\n<\/ol>\n

    The first two should work for all Windows versions, but they only limit the risk by disabling some attack vectors. Vulnerability still exists when opening a malicious document. The last one should work for older versions before Windows\u00a010 and should eliminate the vulnerability.<\/p>\n

    Please note that Microsoft does not currently recommend implementing these workarounds on Windows 10 devices.<\/p>\n

    <\/span>Implementing workarounds with Miradore<\/span><\/h2>\n

    We have collected here sample implementations of the workarounds that can be deployed through Miradore (Premium subscription required).<\/p>\n

    General advice:<\/strong> When implementing any of the following packages, it is highly recommended to test them on a smaller group of devices including all the operating system versions. Make sure changing the settings won\u2019t cause any unexpected implications on your device fleet.<\/p>\n

    <\/span>How to add packages in Miradore<\/span><\/h2>\n
      \n
    1. Download the attached scripts to be run in package<\/li>\n
    2. Open your Miradore site<\/li>\n
    3. Move to Applications<\/li>\n
    4. Add the application:\n