Jump to content
MSFN is made available via donations, subscriptions and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. ×

Microsoft Warns of Hackers Abusing Windows Adobe Library Zero-Days

Recommended Posts





To be clear and despite its name, this is *not* Adobe code. Microsoft was given the source code for ATM Light for inclusion in Windows 2000/XP. After that, Microsoft took 100% responsibility for maintaining the code.

— Rosyna Keller (@rosyna) March 23, 2020


As you can see it also affects Windows XP:


More info for mitigations:


I recommend users to disable WebClient service.

Black Vipers also believes this service for Windows XP:


I have not found a reason to have this service running. I have a hunch that this is going to be required for Microsoft’s “.Net Software as a service.” For security reasons, I recommend for this service to be disabled. If some MS products, such as MSN Explorer, Media Player, NetMeeting or Messenger fail to provide a particular function, try to enable this service to see if it is “required” for your configuration. Developers using WebDAV may also need this for remote connectivity.

which is therefore also disabled in the SAFE column:


Edited by Sampei.Nihira
  • Like 1
Link to post
Share on other sites

@RainyShadow ;)


It may be interesting for UBO users to block third-party remote fonts:



If you want to allow third-party fonts for some specific sites you can add them by modifying the above filter:





It would be interesting to discuss whether this option is effective or not.:dubbio::hello:



Edited by Sampei.Nihira
Link to post
Share on other sites

Thanks to 0patch we have some more info:



I went to check the PFM files:


"open with Windows Font Viewer"

start - run - fonts - double click on a font and you will see the Windows font viewer.

No type of PFB file on my PC.
The MMM file type is considered a media file, and opened with Media Player.

So I created a new type of PFB file that is opened with I.E.8 which in my pc is blocked by a Novirusthanks OSArmor rule:


Also changed the type of PFM file with I.E.8.

For now, the MMM file type remains unchanged.


Edited by Sampei.Nihira
  • Like 1
Link to post
Share on other sites
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

  • Create New...