Hackers exploit two more Windows zero-day bugs
Microsoft will patch a pair of zero-day Windows vulnerabilities later today that attackers have been exploiting to penetrate major corporations’ networks, researchers at FireEye said Tuesday.
The flaws found by FireEye were different than another discovered by iSight Partners, which today revealed an ongoing campaign by Russian hackers against the Ukrainian government and targets in the U.S.
Microsoft will also patch the iSight-found flaw today.
According to FireEye, the more dangerous of the two vulnerabilities it discovered was a bug in the TrueType Font subsystem, was classified as a “remote code execution” flaw and will be patched by Microsoft with a fix applied to the Windows kernel.