Microsoft Windows TrueType Font Parsing Code Execution Vulnerability
Last Update Date:
7 Nov 2011 10:48
Release Date:
7 Nov 2011
5529
Views
RISK: High Risk
TYPE: Operating Systems - Windows OS
A vulnerability has been identified in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to an error within the Win32k kernel-mode driver (win32k.sys) when parsing TrueType fonts.
Impact
- Remote Code Execution
System / Technologies affected
- Windows XP
- Windows Server 2003
- Windows Vista
- Windows Server 2008
- Windows 7
- Windows Server 2008 R2
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Apply Microsoft Fix it
http://support.microsoft.com/kb/2639658
Vulnerability Identifier
Source
Related Link
Share with