Microsoft released an emergency patch to deal with a bug that left almost every version of Windows with a “critical” vulnerability.
The software giant said that the vulnerability was so serious that it warranted a special release outside of its regular monthly security update.
The flaw was discovered by security researchers from Google and other companies, and it is related to the way Windows software handles some types of fonts.
If exploited, the loophole would enable attackers to take control of a target machine.
Microsoft advisory warns users
Microsoft announced in an advisory notice that the vulnerability had come to light and was being discussed online, but there was no information “to indicate this vulnerability had been used to attack customers”.
The tech giant went on to say that its own research indicated that the bug could enable hackers to “take complete control” of vulnerable systems.
The potential problem has been found in Windows 7, Windows 8, and Windows RT. It also affects older versions such as Vista, Server 2012, and Server 2008.
How can it affect users?
Windows users could become victims of malicious hackers who could booby-trap websites with code to exploit the bug. Opening a malicious email attachment could also be dangerous.
Microsoft said that experts from Google’s Project Zero and other researchers from security companies Trend Micro and FireEye tipped them off about the bug.
Less than a week ago, Microsoft closed a different loophole in the same system for font handling after a hack attack on the Hacking Team security company.