Skip to main content

Microsoft Windows TrueType Font Parsing Code Execution Vulnerability

Last Update Date: 7 Nov 2011 10:48 Release Date: 7 Nov 2011 5529 Views

RISK: High Risk

TYPE: Operating Systems - Windows OS

TYPE: Windows OS

A vulnerability has been identified in Microsoft Windows, which can be exploited by malicious people to  compromise a vulnerable system.

 
The vulnerability is caused due to an error within the Win32k kernel-mode driver (win32k.sys) when parsing TrueType fonts.

Impact

  • Remote Code Execution

System / Technologies affected

  • Windows XP
  • Windows Server 2003
  • Windows Vista
  • Windows Server 2008
  • Windows 7
  • Windows Server 2008 R2

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.


Vulnerability Identifier


Source


Related Link