[German]ACROS Security has released a micropatch for the memory corruption vulnerability CVE-2020-0687 in TTF fonts for Windows 7 and Server 2008 R2 (without ESU).
The TTF vulnerability CVE-2020-0687
CVE-2020-0687 is a vulnerability that allows remote code execution (RCE) via specially crafted Windows True Type Fonts (TTF). The whole thing is known as “Microsoft Graphics Remote Code Execution Vulnerability” since April 14, 2020.
Microsoft describes the vulnerability in this document and has released security updates for Windows 7 to Windows 10 on April 14, 2020. However, users of Windows 7 SP1 and Windows Server 2008 R2 who do not have an ESU license will no longer receive the security updates released by Microsoft.
0patch-Fix for Windows 7 SP1/Server 2008 R2
ACROS Security has developed a micropatch for the vulnerability CVE-2020-0687. Mitja Kolsek of ACROS Security has informed me privately that the micropatch has been released for Windows 7 SP1 and Windows Server 2008 R2. There is now also a message on Twitter.
Windows 7 and Server 2008 R2 users without Extended Security Updates have just received a micropatch for CVE-2020-0687, a memory corruption issue in TTF font parsing that could lead to remote code execution when visiting a web site or opening a malicious document. pic.twitter.com/VddTKZ5DmS
— 0patch (@0patch) April 22, 2020
In further follow-up tweets ACROS Security provides some more explanations about the vulnerability and the micropatch. This patch is available for subscribers of the Pro and Enterprise version. Hints on how the 0patch agent, which loads the micro patches into memory at runtime of an application, works can be found in the blog posts (e.g. here), which I have linked below.
Windows 7: Forcing February 2020 Security Updates – Part 1
Windows 7: Securing with the 0patch solution – Part 2
Windows 7/Server 2008/R2: 0patch delivers security patches after support ends
Project: Windows 7/Server 2008/R2 Life Extension & 0patch one month trial
0patch: Fix for Internet Explorer 0-day vulnerability CVE-2020-0674
0patch: Fix for Windows Installer flaw CVE-2020-0683
0patch fix for Windows GDI+ vulnerability CVE-2020-0881
0-day vulnerability in Windows Adobe Type Library
Cookies helps to fund this blog: Cookie settings