You need to download a critical security update if you use Windows

Security patch for Windows 7, 8 and 8.1

A discovered vulnerability can allow a hacker to take full control of your PC, but fortunately Microsoft has released a patch.

The flaw – which affects Windows Vista, 7, 8, 8.1, RT and RT 8.1 – allows an attacker to "install programs; view, change, or delete data; or create new accounts with full user rights," Microsoft said in an advisory to users.

The update, described as critical, is released through Windows Update on Monday.

How the vulnerability works

Due to the way that OpenType fonts are handled, hackers can gain control of your system when you open a document or visit a webpage with the embedded fonts.

"The security update addresses the vulnerability by correcting how the Windows Adobe Type Manager Library handles OpenType fonts," Microsoft said in a statement.

In addition to the consumer operating systems, the vulnerability also affects Windows Server 2008, Windows Server 2008 R2, Windows Server 2012 and Windows Server 2012 R2.

Microsoft said that Windows versions that are past the support life cycle may also be affected, but aren't listed and won't be patched.

Windows 10

Microsoft will release Windows 10 on July 29 as a free upgrade during the first year of the operating system's launch to existing users of Windows 7, 8 and 8.1. Windows 10 will provide users with 10 years of updates from the date of release.


Read our review of Windows 10