Microsoft has released a critical security patch to fix a vulnerability that would allow remote code execution when a user opens a specially crafted document or visits an untrusted webpage that contains embedded OpenType fonts.
What that means is that there is now a new way for awful malware like CryptoWall/CryptoLocker to find its way into your system.
Because of the critical nature of this vulnerability, we are testing the patch internally as we speak. Unless things completely break in our testing, we will be distributing the patch to managed computers during their regular maintenance night.
If you are a managed patching client (meaning you are on our CompleteCare, Managed Patching or WestonEssentials programs and have our monitoring agent installed), we will be distributing this patch to your managed systems during regular maintenance night. Please save your work and leave your machines online when you get the maintenance pop-up warning so we can install this patch.
The patching process will likely require your computer to be restarted. If you have machines that you do not want the patch installed, or would like it installed sooner, please let us know as soon as possible by replying to this email or emailing our service team at [email protected] or by calling your local Weston number (in Bend: 541.383.2340 or in Anchorage: 907.375.8324).
If you have machines that aren’t being monitored by Weston’s agent, give us a call for a strategy to apply this and future updates. You can also read more and find downloads for the patch on Microsoft’s support site and TechCenter or this Infoworld article about the issue.