In light of the breach of the Italian security company known as the Hacking Team, Microsoft has published an urgent security update for Windows in order to patch a dangerous zero-day exploit. The Hacking Team data breach has disclosed a huge number of vulnerabilities, including one for Adobe Flash.
Zero-Day Exploit for Windows
The Hacking Team has become globally notorious in the tech world for selling exploits that allow the corporations and governments that buy them to stealthily infiltrate other people’s computers. Included in the exploits leaked after the Hacking Team was hacked was a zero-day exploit for Windows. Since the exploit could potentially allow an attacker to gain full control of a victim’s computer, Microsoft classified the security threat as “critical,” which is its highest threat level.
How Would this Zero-Day Exploit Be Spread?
Hackers could easily obtain access of a computer simply by tricking the victim into either opening a document with OpenType fonts, or by getting them to websites embedded with OpenType. After that, the hacker would be able to install programs, gain access to personal data and create new accounts with the rights of the infected computer’s owner.
What About Windows 10?
Microsoft usually publishes its security updates on the second Tuesday of each month, but the severity of this zero-day issue caused them to publish an out-of-band patch. Microsoft’s first out-of-band patch since November of 2014 also patches the preview of Windows 10, the full version of which is set to be released on July 29, 2015.
For the Future
However, this patch does not necessarily mean that Windows users are totally safe from the exploits conjured up by the Hacking team. There have been new vulnerabilities turning up left and right since the Hacking Team’s documents were compromised on July 5, 2015. It’s likely that even more exploits will rear their ugly heads in the future, so it’s a wise idea to keep an eye out for security updates on your computer, or turn on automatic updating.