Readers like you keep news free for everyone.

More than 5,000 readers have already pitched in to keep free access to The Journal.

For the price of one cup of coffee each week you can help keep paywalls away.

Support us today
Not now
Advertisement

Microsoft released a critical security fix for Windows that you should install

The vulnerability could allow someone to take over your computer by getting you to open a document or directing you to a webpage.

Image: Jeff Chiu/Press Association

ALL VERSIONS OF Windows have a critical flaw that could allow people to take over computers easily.

The software giant said that the vulnerability, if exploited, “could allow remote code execution if a user opens a specially crafted document or visit an untrusted webpage that contains embedded OpenType fonts”.

The issue meant that someone could take over your computer just by getting you to open a specific document, or by directing you to a certain webpage, and exploiting how Windows Type Manager Library handles OpenType fonts, which is where the vulnerability lies.

Microsoft say an attacker could use this opportunity to “install programmes; view, change or delete data; or create new accounts with full user rights”.

The security update is rated ‘Critical’ for all supported releases of Windows such as Vista, 7, 8 and 8.1. The same issue can also be found on the Insider version of Windows 10.

Microsoft said the vulnerability was already public when it released the update but that it didn’t “have any information to indicate this vulnerability had been used to attack customers”.

Making a difference

A mix of advertising and supporting contributions helps keep paywalls away from valuable information like this article.

Over 5,000 readers like you have already stepped up and support us with a monthly payment or a once-off donation.

For the price of one cup of coffee each week you can make sure we can keep reliable, meaningful news open to everyone regardless of their ability to pay.

Security researchers from Google’s Project Zero, FireEye and TrendMicro Company were credited with finding the flaw.

If you don’t have security updates enabled automatically, you can install the patch by running Windows Update, which can be found by going into Start and searching for the term.

Read: People are really annoyed at Twitter for deleting their background pictures >

Read: This map reveals the unique playlist of cities across the world >

About the author:

Quinton O'Reilly

Read next:

COMMENTS (15)