Σοβαρή ευπάθεια των Windows στο Font Driver αποκαλύπτεται από την διαρροή της Hacking Team

02 Aug

Κι άλλη ευπάθεια από το χρυσωρυχείο που είχε το Hacking Team. Μέσω αυτής της ευπάθειας αν κάποιος χρήστης ανοίξει ειδικά διαμορφωμένο αρχείο ή μπει σε σελίδα που έχει embeded OpenType Fonts μπορεί να εκτελεστεί απομακρυσμένα κακόβουλος κώδικας.

Επηρεαζόμενες εκδόσεις Windows:

  • Windows Vista
  • Windows Server 2008
  • Windows 7
  • Windows Server 2008 R2
  • Windows 8 and Windows 8.1
  • Windows Server 2012 and Windows Server 2012 R2
  • Windows RT and Windows RT 8.1
  • Server Core installation option
Executive Summary

This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted document or visits an untrusted webpage that contains embedded OpenType fonts.

This security update is rated Critical for all supported releases of Microsoft Windows. For more information, see the Affected Software section.

The security update addresses the vulnerability by correcting how the Windows Adobe Type Manager Library handles OpenType fonts. For more information about the vulnerability, see the Vulnerability Information section. For more information about this update, see Microsoft Knowledge Base Article 3079904.

Suggested actions. The majority of customers have automatic updating enabled and will not need to take any action because the update will be downloaded and installed automatically. Customers who have not enabled automatic updating, or who install updates manually, can use the links in the Affected Software section to download and install the update. See Microsoft Knowledge Base Article 3079904 for more information.

Περισσότερα στο σχετικό bulletin της Microsoft



Leave a comment

Posted by on 2 August, 2015 in MinOtavrS blog


Tags: ,

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: