Automatically Discover, Prioritize and Remediate Windows Adobe Type Manager Library Remote Code Execution Vulnerability (ADV200006) using Qualys VMDR®
On March 23, Microsoft released zero day advisory ADV200006 to address two critical remote code execution vulnerabilities in Adobe Type Manager Library that affects multiple versions of Windows and Windows Server.
The vulnerabilities exist within the way that Windows parses OpenType fonts. For example, an attacker could convince a user to open a specially crafted document or view it in the Windows Preview pane. Windows Preview pane is used by the Windows Explorer (which is called File Explorer in Windows 10) file manager application to preview pictures, video, and other content. Successful exploitation would require an attacker to convince a user to open a malicious document or visit a malicious page that exploits the WebClient service which is normally listening for WebDAV file shares.
Qualys released a blog post earlier on how to identify ADV200006 in your environment:
Microsoft Released Out-of-Band Advisory – Windows Adobe Type Manager Library Remote Code Execution Vulnerability (ADV200006)
Here we describe how to resolve it with Qualys VMDR®.