{"id":33989,"date":"2020-03-23T20:27:29","date_gmt":"2020-03-23T20:27:29","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/its-2020-and-hackers-are-still-hijacking-windows-pcs-by-exploiting-font-parser-security-holes-no-patch-either\/"},"modified":"2020-03-23T20:27:29","modified_gmt":"2020-03-23T20:27:29","slug":"its-2020-and-hackers-are-still-hijacking-windows-pcs-by-exploiting-font-parser-security-holes-no-patch-either","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/its-2020-and-hackers-are-still-hijacking-windows-pcs-by-exploiting-font-parser-security-holes-no-patch-either\/","title":{"rendered":"It&#8217;s 2020 and hackers are still hijacking Windows PCs by exploiting font parser security holes. No patch, either"},"content":{"rendered":"<p>Hackers are commandeering victims&#8217; Windows PCs by exploiting at least one remote-code-execution flaw in the Adobe Type Manager Library included with the Microsoft operating system. No patches are available right now.<\/p>\n<p>Redmond <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance\/advisory\/adv200006#march-23-flaw\">today warned<\/a> of two flaws, not yet assigned CVE numbers, present in the font parser \u2013 and at least one has been exploited in a &#8220;limited number of attacks&#8221; to hijack vulnerable computers. The only way to prevent trivial automatic exploitation is to disable the preview and details panes in Windows Explorer, though that will not kill off the bugs entirely unless you disable the library.<\/p>\n<p>That &#8220;limited number&#8221; of victims may well change in the near future as it&#8217;s likely exploit developers will hunt for the flaws to leverage now that the word is out.<\/p>\n<p>All supported versions of Windows are affected.<\/p>\n<div class=\"promo_article\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/regmedia.co.uk\/2017\/07\/19\/computer_worm_photo_via_shutterstock.jpg?x=174&amp;y=115&amp;crop=1\" width=\"174\" height=\"115\" alt=\"Computer worm photo via Shutterstock\"><\/p>\n<h2 title=\"Anyone able to reach a vulnerable machine can get system-level access, no login needed\">Thought you were done after Tuesday&#8217;s 115-fix day? Not yet: Microsoft emits SMBv3 worm-cure crisis patch<\/h2>\n<p><a href=\"https:\/\/www.theregister.co.uk\/2020\/03\/12\/smb_patch_microsoft\/\"><span>READ MORE<\/span><\/a><\/div>\n<p>Adobe, for what it&#8217;s worth, said this is Microsoft&#8217;s problem. &#8220;This library is exclusively supported by Microsoft, and customers using Adobe products are not at risk,&#8221; Adobe helpfully told <em>The Register<\/em>.<\/p>\n<p>To exploit the bugs, a miscreant can include a malformed multi-master font in a document, and send it to a victim. When the victim&#8217;s PC tries to view the file, either in an application or in a preview pane, the operating system passes the embedded font, in Adobe Type 1 PostScript format, to the Adobe Type Manager Library, which mishandles the corrupt data and causes arbitrary code smuggled within the font to execute.<\/p>\n<p>We&#8217;re told Windows 10 with AppContainer setup will at least contain any intrusion to a single application sandbox, rather than allow the malicious code to gain full access to a box.<\/p>\n<p>One mitigation is to disable the Windows Explorer Preview Pane and Details Pane. This can be done through the Advanced Settings option in the Organize&gt;Layout menu. Note that this will only prevent exploitation during preview. Opening a poisoned file in an application will still trigger exploitation.<\/p>\n<p>To really close off the flaw, you will also need to disable the WebClient service and\/or rename the library, ATMFD.DLL, so that it cannot be loaded. Those with Windows 8.1 or earlier can also edit the registry to disable the vulnerable components. Check the Microsoft advisory for the pitfalls associated with these workarounds.<\/p>\n<p>Otherwise, it is going to be a bit of a wait to get a fix for this. From the sound of things, Redmond is waiting until the next Patch Tuesday, scheduled for April 14, more than three weeks from now, to address the flaws. If a patch is issued now, exploit developers will be able to reverse engineer changes to the code to figure out how to attack those unable to apply a fix immediately. And given that businesses, tidied up with the coronavirus pandemic, may not be able to install patches across their fleets right now, outside of the Patch Tuesday cycle, Microsoft has decided to keep its cards close to its chest.<\/p>\n<p>Should the number of attacks expand significantly beyond a &#8220;limited number,&#8221; we could see an emergency out-of-band update released sooner, or at least you&#8217;d hope so. \u00ae<\/p>\n<p class=\"wptl btm\"><span>Sponsored:<\/span> <a href=\"https:\/\/go.theregister.co.uk\/tl\/1915\/-8374\/unlock-the-value-of-sd-wan?td=wptl1915\">Webcast: Why you need managed detection and response<\/a><\/p>\n<p>READ MORE <a href=\"https:\/\/go.theregister.co.uk\/feed\/www.theregister.co.uk\/2020\/03\/23\/microsoft_issues_red_alert\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Spreading in the wild, no vaccine, people told to distance themselves from dodgy sources&#8230; sounds familiar Hackers are commandeering victims&#8217; Windows PCs by exploiting at least one remote-code-execution flaw in the Adobe Type Manager Library included with the Microsoft operating system. No patches are available right now.\u2026 READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":33990,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-33989","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-register"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>It&#039;s 2020 and hackers are still hijacking Windows PCs by exploiting font parser security holes. No patch, either 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/its-2020-and-hackers-are-still-hijacking-windows-pcs-by-exploiting-font-parser-security-holes-no-patch-either\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"It&#039;s 2020 and hackers are still hijacking Windows PCs by exploiting font parser security holes. No patch, either 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/its-2020-and-hackers-are-still-hijacking-windows-pcs-by-exploiting-font-parser-security-holes-no-patch-either\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2020-03-23T20:27:29+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/03\/its-2020-and-hackers-are-still-hijacking-windows-pcs-by-exploiting-font-parser-security-holes-no-patch-either.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"174\" \/>\n\t<meta property=\"og:image:height\" content=\"115\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/its-2020-and-hackers-are-still-hijacking-windows-pcs-by-exploiting-font-parser-security-holes-no-patch-either\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/its-2020-and-hackers-are-still-hijacking-windows-pcs-by-exploiting-font-parser-security-holes-no-patch-either\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"It&#8217;s 2020 and hackers are still hijacking Windows PCs by exploiting font parser security holes. No patch, either\",\"datePublished\":\"2020-03-23T20:27:29+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/its-2020-and-hackers-are-still-hijacking-windows-pcs-by-exploiting-font-parser-security-holes-no-patch-either\\\/\"},\"wordCount\":563,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/its-2020-and-hackers-are-still-hijacking-windows-pcs-by-exploiting-font-parser-security-holes-no-patch-either\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/03\\\/its-2020-and-hackers-are-still-hijacking-windows-pcs-by-exploiting-font-parser-security-holes-no-patch-either.jpg\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/its-2020-and-hackers-are-still-hijacking-windows-pcs-by-exploiting-font-parser-security-holes-no-patch-either\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/its-2020-and-hackers-are-still-hijacking-windows-pcs-by-exploiting-font-parser-security-holes-no-patch-either\\\/\",\"name\":\"It's 2020 and hackers are still hijacking Windows PCs by exploiting font parser security holes. No patch, either 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/its-2020-and-hackers-are-still-hijacking-windows-pcs-by-exploiting-font-parser-security-holes-no-patch-either\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/its-2020-and-hackers-are-still-hijacking-windows-pcs-by-exploiting-font-parser-security-holes-no-patch-either\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/03\\\/its-2020-and-hackers-are-still-hijacking-windows-pcs-by-exploiting-font-parser-security-holes-no-patch-either.jpg\",\"datePublished\":\"2020-03-23T20:27:29+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/its-2020-and-hackers-are-still-hijacking-windows-pcs-by-exploiting-font-parser-security-holes-no-patch-either\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/its-2020-and-hackers-are-still-hijacking-windows-pcs-by-exploiting-font-parser-security-holes-no-patch-either\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/its-2020-and-hackers-are-still-hijacking-windows-pcs-by-exploiting-font-parser-security-holes-no-patch-either\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/03\\\/its-2020-and-hackers-are-still-hijacking-windows-pcs-by-exploiting-font-parser-security-holes-no-patch-either.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/03\\\/its-2020-and-hackers-are-still-hijacking-windows-pcs-by-exploiting-font-parser-security-holes-no-patch-either.jpg\",\"width\":174,\"height\":115},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/its-2020-and-hackers-are-still-hijacking-windows-pcs-by-exploiting-font-parser-security-holes-no-patch-either\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"It&#8217;s 2020 and hackers are still hijacking Windows PCs by exploiting font parser security holes. No patch, either\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"It's 2020 and hackers are still hijacking Windows PCs by exploiting font parser security holes. No patch, either 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/its-2020-and-hackers-are-still-hijacking-windows-pcs-by-exploiting-font-parser-security-holes-no-patch-either\/","og_locale":"en_US","og_type":"article","og_title":"It's 2020 and hackers are still hijacking Windows PCs by exploiting font parser security holes. No patch, either 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/its-2020-and-hackers-are-still-hijacking-windows-pcs-by-exploiting-font-parser-security-holes-no-patch-either\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2020-03-23T20:27:29+00:00","og_image":[{"width":174,"height":115,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/03\/its-2020-and-hackers-are-still-hijacking-windows-pcs-by-exploiting-font-parser-security-holes-no-patch-either.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/its-2020-and-hackers-are-still-hijacking-windows-pcs-by-exploiting-font-parser-security-holes-no-patch-either\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/its-2020-and-hackers-are-still-hijacking-windows-pcs-by-exploiting-font-parser-security-holes-no-patch-either\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"It&#8217;s 2020 and hackers are still hijacking Windows PCs by exploiting font parser security holes. No patch, either","datePublished":"2020-03-23T20:27:29+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/its-2020-and-hackers-are-still-hijacking-windows-pcs-by-exploiting-font-parser-security-holes-no-patch-either\/"},"wordCount":563,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/its-2020-and-hackers-are-still-hijacking-windows-pcs-by-exploiting-font-parser-security-holes-no-patch-either\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/03\/its-2020-and-hackers-are-still-hijacking-windows-pcs-by-exploiting-font-parser-security-holes-no-patch-either.jpg","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/its-2020-and-hackers-are-still-hijacking-windows-pcs-by-exploiting-font-parser-security-holes-no-patch-either\/","url":"https:\/\/www.threatshub.org\/blog\/its-2020-and-hackers-are-still-hijacking-windows-pcs-by-exploiting-font-parser-security-holes-no-patch-either\/","name":"It's 2020 and hackers are still hijacking Windows PCs by exploiting font parser security holes. No patch, either 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/its-2020-and-hackers-are-still-hijacking-windows-pcs-by-exploiting-font-parser-security-holes-no-patch-either\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/its-2020-and-hackers-are-still-hijacking-windows-pcs-by-exploiting-font-parser-security-holes-no-patch-either\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/03\/its-2020-and-hackers-are-still-hijacking-windows-pcs-by-exploiting-font-parser-security-holes-no-patch-either.jpg","datePublished":"2020-03-23T20:27:29+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/its-2020-and-hackers-are-still-hijacking-windows-pcs-by-exploiting-font-parser-security-holes-no-patch-either\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/its-2020-and-hackers-are-still-hijacking-windows-pcs-by-exploiting-font-parser-security-holes-no-patch-either\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/its-2020-and-hackers-are-still-hijacking-windows-pcs-by-exploiting-font-parser-security-holes-no-patch-either\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/03\/its-2020-and-hackers-are-still-hijacking-windows-pcs-by-exploiting-font-parser-security-holes-no-patch-either.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/03\/its-2020-and-hackers-are-still-hijacking-windows-pcs-by-exploiting-font-parser-security-holes-no-patch-either.jpg","width":174,"height":115},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/its-2020-and-hackers-are-still-hijacking-windows-pcs-by-exploiting-font-parser-security-holes-no-patch-either\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"It&#8217;s 2020 and hackers are still hijacking Windows PCs by exploiting font parser security holes. No patch, either"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/33989","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=33989"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/33989\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/33990"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=33989"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=33989"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=33989"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}