Bright Security’s Enterprise Grade Dev-Centric DAST Integrates with

Microsoft Defender for Cloud →
Product
Product overview

See how dev-centric DAST for the enterprise secures your business.

Web attacks

Continuous security testing for web applications at high-scale.

API attacks

Safeguard your APIs no matter how often you deploy.

Business logic attacks

Future-proof your security testing with green-flow exploitation testing.

LLM attacks

Next-gen security testing for LLM & Gen AI powered applications and add-ons.

Interfaces & extensions

Security testing throughout the SDLC - in your team’s native stack.

Integrations

Connecting your security stack & resolution processes seamlessly.

Docs

Getting started with Bright and implementing it in your enterprise stack.

Book a demo

We’ll show you how Bright’s DAST can secure your security posture.

Resources
Blog

Check out or insights & deep dives into the world of security testing.

Webinars & events

Upcoming & on-demand events and webinars from security experts.

Docs

Getting started with Bright and implementing it in your enterprise stack.

Case studies

Dive into DAST success stories from Bright customers.

Research

Download whitepapers & research on hot topics in the security field.

Company
About us

Who we are, where we came from, and our Bright vision for the future.

News

Bright news hot off the press.

Webinars & events

Upcoming & on-demand events and webinars from security experts.

We're hiring

Want to join the Bright team? See our open possitions.

Bug bounty

Found a security issue or vulnerability we should hear about? Let us know!

Contact us

Need some help getting started? Looking to collaborate? Talk to us.

Resources > Blog >
Microsoft Reports Two Critical 0-day Vulnerabilities

Microsoft Reports Two Critical 0-day Vulnerabilities

Microsoft warned billions of Windows users of two critical 0-day vulnerabilities in all currently supported versions of Microsoft Windows, both server and desktop.

These vulnerabilities allow hackers to remotely take complete control over targeted computers in an AppContainer sandbox. The vulnerabilities are given a critical severity rating which is the highest Microsoft gives.

Both vulnerabilities are in the Windows Adobe Type Manager Library, a font parsing software that not only parses content when opened with a third-party software but is also used by Windows Explorer to display the content of a file in the ‘Details Pane’ or ‘Preview Pane’ without users having to open it.

The company is aware of the issues and working on patches that are typically released on the second Tuesday of the month. Although, Microsoft sometimes releases emergency patches outside of that schedule for critical flaws. We hope this could be one of those cases.

In the meantime here are some workarounds for you to mitigate the risk of getting hacked

Disable the Details Pane and Preview Pane in Windows Explorer

  • Open Windows Explorer, click Organize and then click Layout.
  • Clear both the Details pane and Preview pane menu options.
  • Click Organize, and then click Folder and search options.
  • Click the View tab.
  • Under Advanced settings, check the Always show icons, never thumbnails box.
  • Close all open instances of Windows Explorer for the change to take effect.

Disable WebClient to prevent attacks through WebDAV client service. 

  • Click Start, click Run (or press the Windows Key and R on the keyboard), type Services.msc and then click OK.
  • Right-click WebClient service and select Properties.
  • Change the Startup type to Disabled. If the service is running, click Stop.
  • Click OK and exit the management application.

Rename or Disable ATMFD.DLL

Microsoft is also urging users to rename the Adobe Type Manager Font Driver (ATMFD.dll) file to temporarily disable the embedded font technology, which could cause certain 3rd-party apps to stop working.

Enter the following commands at an administrative command prompt:

For 32-bit system:

cd "%windir%\system32"
takeown.exe /f atmfd.dll
icacls.exe atmfd.dll /save atmfd.dll.acl
icacls.exe atmfd.dll /grant Administrators:(F)
rename atmfd.dll x-atmfd.dll

For 64-bit system:

cd "%windir%\system32"
takeown.exe /f atmfd.dll
icacls.exe atmfd.dll /save atmfd.dll.acl
icacls.exe atmfd.dll /grant Administrators:(F)
rename atmfd.dll x-atmfd.dll
cd "%windir%\syswow64"
takeown.exe /f atmfd.dll
icacls.exe atmfd.dll /save atmfd.dll.acl
icacls.exe atmfd.dll /grant Administrators:(F)
rename atmfd.dll x-atmfd.dll

We will share further updates with you when we learn more and when there is a valid patch available for complete remediation of this security issue. 

Stay updated on our LinkedIn page and stay healthy!

Your Friends at Bright

Resources

Domain Hijacking: How It Works and 6 Ways to Prevent It

What Is Domain Hijacking?  Domain hijacking refers to the unauthorized acquisition of a domain name by a third party, effectively taking control away from the rightful owner. This form of cyber attack can lead to significant disruptions, including loss of website functionality, email services, and potentially damaging the brand’s reputation.  Domain hijackers often exploit security

Mastering Vulnerability Management: A Comprehensive Guide

Modern day organizations face a constant barrage of cyber threats, making it imperative to implement robust vulnerability management processes. Vulnerability management is a systematic approach to identifying, evaluating, treating, and reporting on security vulnerabilities in systems and their associated software. In this blog post, we’ll delve into the four crucial steps of vulnerability management process

Vulnerability Scanners: 4 Key Features, Types, and How to Choose

A vulnerability scanner is a specialized software tool designed to assess the security of computers, networks, or applications by automatically detecting and analyzing weaknesses. These scanners proactively search for security vulnerabilities, such as unpatched software, misconfigurations, and other security gaps that could be exploited by attackers. Some scanners can simulate the actions of an attacker to help identify exploitable vulnerabilities.

Get our newsletter