0patch fixes CVE-2020-0687 in Windows 7/Server 2008 R2

win7 [German]ACROS Security has released a micropatch for the memory corruption vulnerability CVE-2020-0687 in TTF fonts for Windows 7 and Server 2008 R2 (without ESU).

The TTF vulnerability CVE-2020-0687

CVE-2020-0687 is a vulnerability that allows remote code execution (RCE) via specially crafted Windows True Type Fonts (TTF). The whole thing is known as "Microsoft Graphics Remote Code Execution Vulnerability" since April 14, 2020.

Microsoft describes the vulnerability in this document and has released security updates for Windows 7 to Windows 10 on April 14, 2020. However, users of Windows 7 SP1 and Windows Server 2008 R2 who do not have an ESU license will no longer receive the security updates released by Microsoft.

0patch-Fix for Windows 7 SP1/Server 2008 R2

ACROS Security has developed a micropatch for the vulnerability CVE-2020-0687. Mitja Kolsek of ACROS Security has informed me privately that the micropatch has been released for Windows 7 SP1 and Windows Server 2008 R2. There is now also a message on Twitter.

In further follow-up tweets ACROS Security provides some more explanations about the vulnerability and the micropatch. This patch is available for subscribers of the Pro and Enterprise version. Hints on how the 0patch agent, which loads the micro patches into memory at runtime of an application, works can be found in the blog posts (e.g. here), which I have linked below.

Similar articles:
Windows 7: Forcing February 2020 Security Updates – Part 1
Windows 7: Securing with the 0patch solution – Part 2
Windows 7/Server 2008/R2: 0patch delivers security patches after support ends
Project: Windows 7/Server 2008/R2 Life Extension & 0patch one month trial
0patch: Fix for Internet Explorer 0-day vulnerability CVE-2020-0674
0patch: Fix for Windows Installer flaw CVE-2020-0683
0patch fix for Windows GDI+ vulnerability CVE-2020-0881
0-day vulnerability in Windows Adobe Type Library

This entry was posted in Security, Windows and tagged , , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *