Overview
Microsoft Windows contains two vulnerabilities in the parsing of Adobe Type 1 fonts, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.
Description
Adobe Type Manager, which is provided by atmfd.dll, is a kernel module that is provided by Windows and provides support for OpenType fonts. Two vulnerabilities in the Microsoft Windows Adobe Type Manager library may allow an unauthenticated remote attacker to execute arbitrary code on a vulnerable system. This vulnerability affects all supported versions of Windows, as well as Windows 7. This vulnerability is being exploited in the wild. |
Impact
By causing a Windows system to open a specially crafted document or view it in the Windows preview pane, an unauthenticated remote attacker may be able to execute arbitrary code with kernel privileges on a vulnerable system. Windows 10 based operating systems would execute the code with limited privileges, in an AppContainer sandbox. |
Solution
Apply an update This issue has been addressed in Microsoft updates for CVE-2020-1020. Please also consider the following workarounds that are listed in Microsoft Security Advisory ADV200006: |
Rename ATMFD.DLL |
Vendor Information
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | 10 | AV:N/AC:L/Au:N/C:C/I:C/A:C |
| Temporal | 9 | E:F/RL:W/RC:C |
| Environmental | 9.0 | CDP:ND/TD:H/CR:ND/IR:ND/AR:ND |
References
Acknowledgements
This document was written by Will Dormann.
Other Information
| CVE IDs: | CVE-2020-1020 |
| Date Public: | 2020-03-23 |
| Date First Published: | 2020-03-23 |
| Date Last Updated: | 2020-04-14 18:00 UTC |
| Document Revision: | 26 |