Active Directory (AD) admins can mitigate the recently disclosed and actively exploited remote code execution (RCE) zero-day found in the Windows Adobe Type Manager Library in large AD environments using group policies.

Microsoft warned on March 23 of limited ongoing targeted attacks against Windows 7 devices attempting to exploit two unpatched vulnerabilities in the Adobe Type Manager Library.

The security flaws impact devices running both desktop and server Windows releases, including Windows 10, Windows 8.1, Windows 7, and multiple versions of Windows Server.