en

Microsoft Windows OpenType Font Driver Code Execution Vulnerability

ID: IRCAD2015074005
Release Date: 2015-07-17
Software:
Microsoft Windows 10
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows RT
Microsoft Windows RT 8.1
Microsoft Windows Server 2008
Microsoft Windows Server 2012
Microsoft Windows Vista
Description:
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error when handling OpenType fonts within atmfd.dll (Windows Adobe Type Manager Library), which can be exploited to execute arbitrary code via a specially crafted OpenType font.
Solution
Apply update.
References:
Microsoft (KB3079904, KB3074683):
secunia:

The Wall

No comments
You need to sign in to comment