Using Windows Preview Pane ? You might be under attack and no bug fix says Microsoft !

If you are using Windows Preview Pane to view your PDF files, then its time to pause for a minute and change your options. Because a new vulnerability ADV200006 (Type 1 Font Parsing Remote Code Execution Vulnerability) which uses the unpatched Adobe library to affect our systems  has been discovered by the security team. 

So, what is it for now? Am i infected ?

Right now, this issue is affecting mainly Windows 7 users and if you are using Windows 10 then you are little bit safe as Microsoft claims Windows 10's default security mechanism will prevent this type of attack on Windows 10.

Two remote code execution vulnerabilities exist in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format. There are multiple ways an attacker could exploit the vulnerability, such as convincing a user to open a specially crafted document or viewing it in the Windows Preview pane.

Is there any update that we can install ?

No right now, even the most updated system will be affected because of this bug. And there is no bug fix available even though Microsoft is already working on a fix.

So, what to do now, any Work around?

There are three workarounds, suggested by Microsoft for this issue.

1) Disabling Webclient service

2) Renaming ATMFD.Dll file 

and 3) Disabling Preview Pane.

But, to be on safer side you can disable this preview pane for sometime, which is the easiest one if you are a beginner.

Here, is how to disable Preview Pane :

  • Open Windows Explorer
  • click Organize, and then click Layout. 
  • Select both the Details pane and Preview pane menu options. 
  • Click Organize, and then click Folder and search options.
  • Click the View tab. Under Advanced settings, clear the Always show icons, never thumbnails box. 

Click Apply , OK

That's it.

Just disable it and keep your system safe from hackers.