Vulnerabilities Threats

English Russian Japanese LatAm Türkiye Brasil France Český Deutschland

KLA10635
RCE vulnerability in Microsoft Font Driver

Updated: 06/18/2020
Detect date
?
 07/20/2015
Severity
?
 High
Description

A remote code execution vulnerability was found in Microsoft products. By exploiting this vulnerability malicious users can take complete control of the affected system. This vulnerability can be exploited remotely via a specially crafted OpenType fonts.
Affected products

Microsoft Windows Vista Service Pack 2,
Microsoft Windows 7 Service Pack 1,
Microsoft Windows 8,
Microsoft Windows 8.1,
Microsoft Windows Server 2008 Service Pack 2,
Microsoft Windows Server 2008 R2 Service Pack 1,
Microsoft Windows Server 2012,
Microsoft Windows Server 2012 R2,
Microsoft Windows RT,
Microsoft Windows RT 8.1.
Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Original advisories

CVE-2015-2426
Impacts
?
ACE 
[?]
Related products
 Microsoft Windows
CVE-IDS
?
CVE-2015-24269.3Critical
Microsoft official advisories
 Microsoft Security Update Guide
KB list

3079904
Exploitation

The following public exploits exists for this vulnerability:

https://www.exploit-db.com/exploits/38222

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Find out the statistics of the vulnerabilities spreading in your region
© 2023 AO Kaspersky Lab. All Rights Reserved.
Privacy Policy Cookies

Up