Some fonts allow hackers to execute arbitrary code. While waiting for the fix by April 14, here are the settings that limit the risk of being hacked.
Microsoft has just revealed the existence of two critical zero-day vulnerabilities in Windows 10, 8.1 and 7. Unfortunately, they are already actively used by hackers. To be fooled, all you have to do is open a trapped document or view it in the file explorer. The patch will not be available until April 14.
In the meantime, we must redouble our attention to each document that we receive or download. It is also possible to limit the risk by making some settings in the operating system. The downside is that they also remove features, but that’s the price you pay.
1. Deactivate the visualization in the explorer
The display of a thumbnail in the file explorer is enough to exploit this flaw. To avoid this, open the explorer, go to the “View” tab and deactivate the preview pane and the details pane.
Then click on “Options” and open the “Folder Options” window. In the “Display” tab, check the box “Always display icons, never thumbnails”. Finally, relaunch the explorer.
2. Disable the WebClient service
The WebClient service provides access to file directories on the Internet, via the WebDAV protocol. This is used in particular by providers of cloud solutions, such as OwnCloud or NextCloud. A hacker could use this protocol as an attack vector. Microsoft therefore advises deactivating it. To do this, type “Services” in the search bar, and launch the eponymous application that Windows offers you. Look for the “WebClient” service, right click and stop it. Finally, exit the Services application.
3. Rename ATMFD.DLL
For Windows 7, Windows 8.1 and the first versions of Windows 10, it is possible to deactivate the vulnerable library by renaming the corresponding DLL file. But be careful, this requires entering command lines with administrator privileges, then restarting the system. It is therefore rather reserved for advanced users. For those who want to get started anyway, type “cmd” in the Windows search bar and open the “Command Prompt” application. Then type the following commands for a 64-bit system:
For a 32-bit system, this is a little shorter.
4. Restore the original settings
Once the future patch is installed, do not forget to go back. This is quite easy for the file explorer and the service manager, because you just have to do the reverse operations. It is more complicated for the DLL file, because you have to type command lines again with administrator privileges.