Targeted attacks exploiting vulnerabilities in Microsoft Windows

Our advisories highlight current cyber security threats and vulnerabilities in New Zealand, and provide guidance on how to mitigate their impact.

Subscribe to our updates to be notified as soon as we publish an advisory.

3:40pm, 24 March 2020

TLP Rating: Clear

Targeted attacks exploiting vulnerabilities in Microsoft Windows

We are aware of attackers exploiting currently unpatched vulnerabilities in the Adobe Type Manager Library. Microsoft has released an advisory with workarounds to help reduce customer risk until the security patch is released. If exploited, these vulnerabilities allow an attacker Remote Code Execution on the affected computer

The current attacks are believed to be targeted, however all administrators should apply the relevant mitigations for their organisation.

What's happening

Systems affected

All supported versions of the Microsoft Windows and Server operating systems, as well as Windows 7.

What this means

If a system is vulnerable, then an attacker may be able to use this to execute code by tricking a user into opening or previewing content such as office documents.

A security patch is not yet available, but Microsoft is working on a security patch to address it.

What to look for

How to tell if you're at risk

You’re at risk if you’re running an affected version, and haven’t applied the relevant workarounds for your version of Windows.

What to do

Prevention

Microsoft has released a number of workarounds to help reduce customer risk until the security patch is released. CERT NZ recommends you apply the mitigations for your Windows version and apply the patch once it’s available.

Microsoft advisory External Link

More information

CISA advisory External Link

Microsoft advisory External Link

If you require more information or further support, submit a report on our website.

Report an incident to CERT NZ External Link

For media enquiries, email our media desk at certmedia@cert.govt.nz or call on 021 854 384