It seems that a recent zero-day vulnerability for Windows has been discovered, so much so that Microsoft has recently issued an emergency security patch for it. It seems that this zero-day vulnerability is so serious to the point where the patch will be for all versions of Windows, regardless of whether or not Microsoft has stopped supporting the platform.
According to a security bulletin posted by Microsoft, “The vulnerability could allow remote code execution if a user opens a specially crafted document or visits an untrusted webpage that contains embedded OpenType fonts.” Microsoft is highly recommending that the patch be installed.
The Redmond company claims that should the patch not be attended to, hackers who are able to take advantage of it will potentially be able to make heavy modifications to your system, such as install new programs, edit data, or create accounts with full user rights. The zero-day vulnerability was made aware when emails from the Hacking Team were leaked.
The leak is one of the many vulnerabilities discovered in the process. It was also discovered that the Hacking Team had knowledge about a zero-day vulnerability for Adobe Flash, leading some to question whether or not the Flash standard should continue being used today in an industry which has mostly adopted HTML5.