• Yet another font exploit

    You’d think that MS would’ve figured out a way to block all of the bad font takeover scenarios, but apparently not. Adobe Type Manager fonts just got hit again, this time with a Type 1 PostScript font.

    MS just released Security Advisory ADV200006: Type 1 Font Parsing Remote Code Execution Vulnerability. From the advisory:

    Two remote code execution vulnerabilities exist in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font – Adobe Type 1 PostScript format.

    There are multiple ways an attacker could exploit the vulnerability, such as convincing a user to open a specially crafted document or viewing it in the Windows Preview pane.

    Doesn’t look like something you should worry about – when MS says it’s seen “limited targeted attacks” that usually means normal people aren’t in the line of fire. Expect more about this next Patch Tuesday.

    There’s a manual workaround, but it’s pretty hairy.