A bug logo in a target on Windows 10's desktop background

Windows 10 has a new security flaw, and it’s already being exploited in the wild. You could be infected with malware just from downloading a file, as File Explorer will automatically open the file and preview it. Windows 7 has the same problem.

Update: This bug was fixed in patches Microsoft released on April 14, 2020. Run Windows Update to fix the problem on your PC.

What You Need to Know

Microsoft announced this security hole on March 23, 2020. Microsoft says it is “aware of limited targeted attacks” that use flaws in the Adobe Type Manager Library. “There are multiple ways an attacker could exploit the vulnerability, such as convincing a user to open a specially crafted document or viewing it in the Windows Preview pane,” according to Microsoft’s security advisory.

The flaw affects all versions of Windows in active use: Windows 10, Windows 8.1, Windows 8, Windows 7, and various versions of Windows Server. (Of course, if you’re using Windows 7 and aren’t paying for extended security updates, you won’t get a security patch.)

A Microsoft spokesperson told TechCrunch that Microsoft is working on a fix and expects it to be available on the next Patch Tuesday—that is, April 14, 2020.

Until then, Microsoft offers a workaround that will protect your PCs from the security flaw.

How to Protect Your PC

To work around the flaw, all you have to do is disable the Preview and Details panes in File Explorer (or Windows Explorer on older versions of Windows.) Windows won’t automatically display previews of OTF font files, which will protect you.

You could still be attacked if you open a malicious file. However, simply viewing the file in File Explorer won’t be a risk.

To do this, open File Explorer and click the “View” tab at the top of the window.

Ensure both the “Preview pane” and “Details pane” options in the Panes section are disabled. Click them to toggle them on and off.

Next, click the “Options” icon at the right side of the ribbon bar. If a menu appears, click “Change folder and search options.”

Opening the Folder Options window from File Explorer on Windows 10

Click the “View” tab. In the “Advanced Settings” box, enable the “Always show icons, never thumbnails” option.

You’re done. Click the “OK” button to save your changes. Close all open File Explorer windows (or reboot your computer) to ensure your change takes effect.

On Windows 7, you’ll have to change these same options. They’re in a slightly different place in Windows Explorer.

First, click Organize > Layout and use the options in the menu to disable the Details pane and Preview pane.

Second, click Organize > Folder and search options in Windows Explorer to open the options window. Enable the “Always show icons, never thumbnails” option in the same place.

Opening Folder and search options in Windows 10

This change will only be necessary until Microsoft issues a security update that fixes the problem. After the company does, you can re-enable previews. (However, on Windows 7 without security updates, you’ll probably want to leave it disabled permanently.)

Profile Photo for Chris Hoffman Chris Hoffman
Chris Hoffman is Editor-in-Chief of How-To Geek. He's written about technology for over a decade and was a PCWorld columnist for two years. Chris has written for The New York Times and Reader's Digest, been interviewed as a technology expert on TV stations like Miami's NBC 6, and had his work covered by news outlets like the BBC. Since 2011, Chris has written over 2,000 articles that have been read more than one billion times---and that's just here at How-To Geek.
Read Full Bio »