On Monday, software giant Microsoft reportedly rolled out an emergency patch after it found a critical bug in the version of Microsoft Windows, including the upcoming Windows 10. The company raised a red flag after a security flaw was detected. The security loophole was prone to hacker's exploitation, which would affect two thirds of 1.5 billion Microsoft Windows users across the globe, Yahoo said.
The Yahoo report stated that if the security loophole will not be fixed, hackers will be able to forcibly and completely control the system. Microsoft further warned that once hackers gain control of the affected system, they can install, modify or delete programs and data and tweak users' accounts with full user rights. The company has categorized the threat as "critical," which is Microsoft's highest level of threat.
The report also identified Windows Vista, Windows 7, Windows 8 and 8.1 and Windows RT as the vulnerable and affected systems. The company has reportedly decided to roll out the security update on Tuesday and was given the title "Patch Tuesday," considering the nature of its urgency.
The report noted that hackers will only be able to exploit the computer system if Windows users will open a specially crafted document or a compromised webpage with an affected OpenType, a font reportedly co-developed by Microsoft and Adobe.
"There are multiple ways an attacker could exploit this vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage that contains embedded OpenType fonts. The update addresses the vulnerability by correcting how the Windows Adobe Type Manager Library handles OpenType fonts. When this security bulletin was issued, Microsoft had information to indicate that this vulnerability was public but did not have any information to indicate this vulnerability had been used to attack customers. Our analysis has shown that exploit code could be created in such a way that an attacker could consistently exploit this vulnerability, said Microsoft on its website.
The recent security flaw came weeks ahead of the launch date of Microsoft's next-generation operating system, the Microsoft Windows 10. It can be recalled that in November 2014, Microsoft has encountered a similar situation when it issued an emergency patch for Windows Servers, according to CNET.
