Due to the O/S design, Windows 7 systems are most at risk for Adobe font zero day recently discovered & users must exercise caution with all links & email attachments. To a lesser extent, Windows 10 users are still at risk if good security is not in place.

https://redmondmag.com/articles/2020/03/23/critical-flaw-in-windows-preview-pane.aspx

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200006

https://kb.cert.org/vuls/id/354840/

Microsoft on Monday issued Security Advisory ADV200006 for a “Critical”-rated remote code execution vulnerability in both supported and unsupported Windows systems. The vulnerability, associated with the Adobe Type Manager Library in Windows systems, has been exposed to “limited, targeted attacks,” per the advisory. The library “improperly handles a specially crafted multi-master font.” This flaw can be exploited by “convincing a user to open a specially crafted document or viewing it in the Windows [Explorer] Preview pane.”

– – – – – – – – – – – – – – – – – – – – –

There’s no patch currently available. Microsoft’s advisory offered three “workarounds” to implement, but they all have limitations. The advisory suggested that patches, when available, would arrive on a normal “update Tuesday” patch release date, which happens on the second Tuesday of each month. The next update Tuesday date will be April 14. Newer Windows systems, such as Windows 10, are better protected against an exploit attempt because AppContainer technology limits what an attack can do.