Hackers are attacking Windows users with an unpatched bug, Microsoft said in a new advisory. While Microsoft is already working on a patch, but until it is rolled out, the advisory should serve as a warning to all Windows users.
Microsoft disclosed on the advisory that there were "limited, targeted attacks." However, the tech giant did not name the attackers or the scale of the exploitation.
The vulnerability is found in Windows 10 and all supported versions of the operating system. The company is offering a temporary fix for all affected users until a fix is available. Windows 7 is also affected by the unpatched bug, but only enterprise users with extended security support will receive patches.
Microsoft described the security flaw as "critical," its highest severity rating, and is affecting how Windows handles and renders fonts, the company's post said Monday. It added that the bug can be exploited by tricking a user into opening a malicious document. What's worse is that a user doesn't even need to fully open the document to be attacked -- viewing it using Windows Preview is enough to allow an attacker to inject malware on a vulnerable device.
Microsoft regularly issues security patches on the second Tuesday of each month, but in severe cases, it dispatches fixes out of schedule. A spokesperson for the company has suggested a fix would potentially arrive on April 14, the next Patch Tuesday.
Meanwhile, yesterday's White House coronavirus task force press conference saw U.S. President Donald Trump announcing the launch of a new consortium that would take full advantage of American technology to combat COVID-19. The members of the new consortium include the White House, the U.S. Department of Energy, IBM, Google, Amazon, and Microsoft.
Microsoft and members of the consortium will work together to assess proposals and provide access to high-performance computing resources to researchers and experts.
"How can supercomputers help us fight this virus? These high-performance computing systems allow researchers to run very large numbers of calculations in epidemiology, bioinformatics, and molecular modeling," said Dario Gil, IBM's Director of Research.
John Kahan, Microsoft's global head for its AI for Health Program, said that the software company wants to "make sure researchers working to combat COVID-19 have access to the tools they need." The company aims to achieve this goal by widening access to its Azure cloud and by allowing more researchers and scientists to work with the software giant's own data experts.
