服务公告

全部公告 > 安全公告 > 微软Type 1字体解析远程代码执行漏洞预警

微软Type 1字体解析远程代码执行漏洞预警

2020-03-24

一、概要

近日,华为云关注到微软官方紧急发布编号为ADV200006的安全通告,当中披露由于Windows Adobe Type Manager Library不恰当的处理特殊构造的多重母版字体 - Adobe Type1 PostScript格式,导致存在两个远程代码0day漏洞。漏洞影响多个windows操作系统版本,目前已发现有在野攻击利用,官方暂仅提供缓解措施来降低安全风险,补丁程序将在下个月的补丁日发布。

华为云提醒使用windows用户及时安排自检并做好安全加固。

参考链接:

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/adv200006

二、威胁级别

威胁级别:【严重】

(说明:威胁级别共四级:一般、重要、严重、紧急) 

三、漏洞影响范围

影响版本:

Windows 10 for 32-bit Systems

Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1709 for 32-bit Systems

Windows 10 Version 1709 for ARM64-based Systems

Windows 10 Version 1709 for x64-based Systems

Windows 10 Version 1803 for 32-bit Systems

Windows 10 Version 1803 for ARM64-based Systems

Windows 10 Version 1803 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1903 for 32-bit Systems

Windows 10 Version 1903 for ARM64-based Systems

Windows 10 Version 1903 for x64-based Systems

Windows 10 Version 1909 for 32-bit Systems

Windows 10 Version 1909 for ARM64-based Systems

Windows 10 Version 1909 for x64-based Systems

Windows 7 for 32-bit Systems Service Pack 1

Windows 7 for x64-based Systems Service Pack 1

Windows 8.1 for 32-bit systems

Windows 8.1 for x64-based systems

Windows RT 8.1

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for Itanium-Based Systems Service Pack 2

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2012

Windows Server 2012 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 R2 (Server Core installation)

Windows Server 2016

Windows Server 2016 (Server Core installation)

Windows Server 2019

Windows Server 2019 (Server Core installation)

Windows Server, version 1803 (Server Core Installation)

Windows Server, version 1903 (Server Core installation)

Windows Server, version 1909 (Server Core installation) 

四、漏洞处置

目前,官方已在通告内容中提供了多种缓解措施,请受影响的用户参考官方指导进行操作,主要有以下几种方式:

措施1、在Windows资源管理器中禁用预览窗格和详细信息窗格;

措施2、禁用WebClient服务;

措施3、重命名ATMFD.DLL。

注:修复漏洞前请将资料备份,并进行充分测试。