Critical Font Parsing Issue in Windows, Revealed

Recently, Microsoft released an advisory about a detected Windows font parsing issue that affects all supported Windows operating system versions, including Windows 7 and 10.

This font parsing issue on Windows is rated critical. It is the highest severity rating that can be given to a Windows issue. According to Microsoft, they are aware of the targeted attacks that are happening and that the company is working on a fix to resolve the vulnerability.

The Font Parsing Issue in Windows

This font parsing code vulnerability targets the Adobe Type Manager Library. To exploit the issue, attackers have found several options, including convincing users to open a custom document and viewing the document in Windows Explorer’s preview pane.

According to Microsoft:

“Two remote code execution vulnerabilities exist in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font – Adobe Type 1 PostScript format.”

Microsoft has already shared a possible workaround that prevents such attacks from targeting File Explorer or the Windows Explorer. You’ll find out more about this below.

What to Do About the Windows Font Parsing Issue

Want to know how to resolve the font parsing issue in Windows? Then read on.

For Windows 7, 8.1, Server 2008 R2, 2012, and 2012 R2, follow these steps:

1. Open Windows Explorer.
2. Navigate to Organize and select Layout.
3. Disable both Detail and Preview pane options if they are enabled.
4. Go to Organize > Folder and search for Options.
5. Head over to the View tab.
6. Go to Advanced Settings and select Always show icons, never thumbnails.
7. Close all Windows Explorer windows.

For Windows 10/11 and Windows Server 2016 and 2019, follow these steps:

1. Go to File Explorer.
2. Switch to the View tab.
3. Head over to the Details and Preview panes and clear everything. After doing this, they should not be displayed in File Explorer anymore.
4. Now, go to File and select Change folder. Search for Options.
5. Tick the Always show icons, never thumbnails option under Advanced Settings.
6. Close all active File Explorer windows to ensure the changes take effect.

For Windows systems that use the WebClient service, Microsoft recommends disabling the service temporarily as it blocks remote attack vectors via the Web Distributed Authoring and Versioning client service.

Here’s how it is done:

1. Press the Windows + R keys to open the Run dialog box.
2. Into the text field, input services.msc and hit OK to launch the Services Management window.
3. Locate WebClient in the list of services. Right-click on it and choose Properties.
4. Change the Startup type to Disabled.
5. If WebClient is active and running, choose Stop.
6. Hit OK.
7. Close the Service Management window.

For administrators and users who manage Windows 10 version 1703 or earlier, ATMFD might have to be disabled via the Registry to resolve the font parsing issue in Windows.

Below is the script that needs to be run on the Windows Registry Editor:

[HKEY_LOCAL_MACHINE\SOFTWARE \Microsoft\WindowsNT\CurrentVersion\Windows]

“DisableATMFD”=dword:00000001

Prevent Windows Errors in the Future

Windows errors are inevitable. This is especially true when Microsoft rolls out OS updates. However, it does not mean you can’t do anything to prevent them. Below, we’ve compiled a few precautionary measures to take to prevent errors on your Windows device like this critical font parsing issue:

• Always have a backup of your system files.
• Avoid downloading files from unknown sources.
• Think before you click. This is particularly applicable when opening email attachments.
• Keep your apps, programs, and OS up to date.
• Install an anti-malware software to keep malware entities at bay.
• Scan your system for any unwanted files. Use a PC repair tool to automate the process and to avoid deleting important system files.

Have you come across this critical font parsing issue on your Windows computer? How did you deal with it? Let us know in the comments!