Windows users are currently at risk as two new unpatched zero-day vulnerabilities are actively being exploited in the wild. The vulnerabilities, tracked as CVE-2021-31201 and CVE-2021-31199, affect Adobe Type Manager Library and involve improper handling of maliciously crafted master fonts.
These vulnerabilities have a severe impact since an attacker can execute arbitrary code remotely and take complete control of the targeted system. Successful exploitation allows an attacker to install programs, view, change, or delete data, or even create new accounts with full user rights.
The first flaw, CVE-2021-31201, exists due to an improper memory heap allocation in the atmfd.dll. An attacker can exploit this vulnerability by tricking a user into opening a specially crafted document or visiting a maliciously designed website, subsequently executing arbitrary code on the target system.
The second vulnerability, CVE-2021-31199, is due to a boundary error in the atmfd.dll and can be exploited through a specially crafted font. If a user previews or opens a document containing the malicious font, it could lead to arbitrary code execution.
Technical details about these zero-days have not been disclosed yet, but it has been confirmed that they are actively being used in targeted attacks. Although no official patch has been released, users are recommended to remain cautious and avoid opening documents or visiting untrusted websites until a security update becomes available.
Therefore, Windows users are advised to keep their systems up to date and ensure the use of reliable security software to protect against potential threats targeting these actively exploited zero-day vulnerabilities.
