{"id":5802,"date":"2020-03-27T09:31:01","date_gmt":"2020-03-27T09:31:01","guid":{"rendered":"https:\/\/www.miradore.com\/?post_type=learn&p=5802"},"modified":"2024-01-18T14:59:11","modified_gmt":"2024-01-18T12:59:11","slug":"unpatched-security-vulnerabilities-microsoft-adobe-type-manager-library","status":"publish","type":"post","link":"https:\/\/www.miradore.com\/blog\/unpatched-security-vulnerabilities-microsoft-adobe-type-manager-library\/","title":{"rendered":"How to Implement Workarounds for Unpatched Security Vulnerabilities in the Microsoft Windows Adobe Type Manager Library (ADV200006)"},"content":{"rendered":"
Adobe Type Manager font library (atmfd.dll) used in Microsoft Windows has been reported to contain unpatched security vulnerabilities. These vulnerabilities exist in all current Windows versions including Windows Server versions.<\/strong><\/p>\n There are already known exploits for these vulnerabilities. By exploiting the vulnerability attacker could achieve a possibility to execute remote code on the target system. An attack can be done for example by persuading the user to open a document containing the malicious code, or even viewing this document in preview mode.<\/p>\n Microsoft has not yet released a fix for the vulnerability but lists three possible workarounds in their Security Advisory: ADV200006 | Type 1 Font Parsing Remote Code Execution Vulnerability<\/a>:<\/p>\n The first two should work for all Windows versions, but they only limit the risk by disabling some attack vectors. Vulnerability still exists when opening a malicious document. The last one should work for older versions before Windows\u00a010 and should eliminate the vulnerability.<\/p>\n Please note that Microsoft does not currently recommend implementing these workarounds on Windows 10 devices.<\/p>\n We have collected here sample implementations of the workarounds that can be deployed through Miradore (Premium subscription required).<\/p>\n General advice:<\/strong> When implementing any of the following packages, it is highly recommended to test them on a smaller group of devices including all the operating system versions. Make sure changing the settings won\u2019t cause any unexpected implications on your device fleet.<\/p>\n Disabling these panes requires configuring user-specific settings, i.e. settings defined separately for each user account on a computer, User-specific settings are not easy to configure remotely, especially if there are multiple users logging into one computer. User-specific settings can possibly be configured via Group Policies or login script.<\/p>\n <\/p>\n <\/p>\n When Microsoft releases the fix for these vulnerabilities, you can use Miradore to install the patches on your Windows devices.<\/p>\n","protected":false},"excerpt":{"rendered":" Adobe Type Manager font library (atmfd.dll) used in Microsoft Windows has been reported to contain unpatched security vulnerabilities. These vulnerabilities exist in all current Windows…<\/p>\n","protected":false},"author":13,"featured_media":5834,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_relevanssi_hide_post":"","_relevanssi_hide_content":"","_relevanssi_pin_for_all":"","_relevanssi_pin_keywords":"","_relevanssi_unpin_keywords":"","_relevanssi_related_keywords":"","_relevanssi_related_include_ids":"0","_relevanssi_related_exclude_ids":"","_relevanssi_related_no_append":"","_relevanssi_related_not_related":"","_relevanssi_related_posts":"5764,10269,609,449,27835,2725","_relevanssi_noindex_reason":"","footnotes":""},"categories":[1],"tags":[371,367],"acf":[],"lang":"en","translations":{"en":5802},"pll_sync_post":[],"_links":{"self":[{"href":"https:\/\/www.miradore.com\/wp-json\/wp\/v2\/posts\/5802"}],"collection":[{"href":"https:\/\/www.miradore.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.miradore.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.miradore.com\/wp-json\/wp\/v2\/users\/13"}],"replies":[{"embeddable":true,"href":"https:\/\/www.miradore.com\/wp-json\/wp\/v2\/comments?post=5802"}],"version-history":[{"count":1,"href":"https:\/\/www.miradore.com\/wp-json\/wp\/v2\/posts\/5802\/revisions"}],"predecessor-version":[{"id":28278,"href":"https:\/\/www.miradore.com\/wp-json\/wp\/v2\/posts\/5802\/revisions\/28278"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.miradore.com\/wp-json\/wp\/v2\/media\/5834"}],"wp:attachment":[{"href":"https:\/\/www.miradore.com\/wp-json\/wp\/v2\/media?parent=5802"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.miradore.com\/wp-json\/wp\/v2\/categories?post=5802"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.miradore.com\/wp-json\/wp\/v2\/tags?post=5802"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}<\/span>Workarounds<\/span><\/h2>\n
\n
<\/span>Implementing workarounds with Miradore<\/span><\/h2>\n
<\/span>How to add packages in Miradore<\/span><\/h2>\n
\n
\n
\n
Disable Preview Pane and Details pane in Windows Explorer<\/h3>\n
Disable WebClient service<\/h3>\n
\n
Rename ATMFD.DLL<\/h3>\n
\n
\n