KLA10635
RCE vulnerability in Microsoft Font Driver
Обновлено: 17/06/2019
Дата обнаружения
20/07/2015
Уровень угрозы
High
Описание

A remote code execution vulnerability was found in Microsoft products. By exploiting this vulnerability malicious users can take complete control of the affected system. This vulnerability can be exploited remotely via a specially crafted OpenType fonts.

Пораженные продукты

Microsoft Windows Vista Service Pack 2,
Microsoft Windows 7 Service Pack 1,
Microsoft Windows 8,
Microsoft Windows 8.1,
Microsoft Windows Server 2008 Service Pack 2,
Microsoft Windows Server 2008 R2 Service Pack 1,
Microsoft Windows Server 2012,
Microsoft Windows Server 2012 R2,
Microsoft Windows RT,
Microsoft Windows RT 8.1.

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
CVE-2015-2426
Оказываемое влияние
?
ACE 
[?]
Связанные продукты
Microsoft Windows
CVE-IDS
CVE-2015-24269.3Critical
Microsoft official advisories
Microsoft Security Update Guide
KB list

3079904