Google recently disclosed a vulnerability in the Win10 system that could allow users to authorize malicious software to access the kernel without their knowledge, thereby subjecting them to hacker attacks. This vulnerability comes from the Windows font renderer, Microsoft DirectWrite.
This font renderer is used by mainstream web browsers such as Chrome, Firefox, and Edge as the default font rasterizer for rendering web font glyphs. It is easily damaged by specially-made TrueType fonts, causing its memory to crash and damage. After this, the malicious programs can then gain access to the kernel. This will allow the hackers to remotely perform arbitrary operations on the target system.
Google’s Project Zero researchers discovered this vulnerability in a text rendering API called Microsoft DirectWrite. The database code of the defect is CVE-2021-24093. They reported the vulnerability to the Microsoft Security Response Center in November. Microsoft released a security update on February 9 to resolve this issue on all vulnerable platforms. The security vulnerability affects multiple versions of Windows 10 and Windows Server, up to the latest version 20H2.
An attacker can use CVE-2021-24093 to trigger a buffer overflow in the fsg_ExecuteGlyph API function by inducing a target user to visit a website with a maliciously crafted TrueType font, thereby gaining access to the Windows kernel.
We recommend that all Microsoft users need to perform security updates to avoid attacks from malicious sites or software.
Microsoft releases Windows 10 21H1 preview and here is a list of new features
Microsoft has released the first preview build of Windows 10 version 21H1, and just a couple of days ago the company confirmed the existence of this update. This is a minor update and it doesn’t come with any major features. We will probably see the major features for the larger 21H2 update.
List of changes:
- Windows Hello multi-camera support to allow users to choose an external camera priority when using high-end displays with integrated cameras.
- Windows Defender Application Guard performance improvements including optimizing document opening scenario times.
- Fixes the issue that causes a one minute or more delay when you open a Microsoft Defender Application Guard (WDAG) Office document. This occurs when you try to open a file using a Universal Naming Convention (UNC) path. It also happens when you try to Server Message Block (SMB) share link.
- We improved Robocopy’s performance when copying files that total over 400 MB in size.
- Fixes the issue that causes a WDAG container to use almost 1GB of memory when the container is idle.
- Windows Management Instrumentation (WMI) Group Policy Service (GPSVC) updating performance improvement to support remote work scenarios.
- We fixed an issue that causes changes that the Active Directory (AD) administrator makes to user or computer group membership to propagate slowly. Although the access token eventually updates, these changes do not appear when the administrator uses gpresult /r or gpresult /h to create a report.