This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted document or visits an untrusted webpage that contains specially crafted fonts. The security update addresses the vulnerability by correcting how Windows parses fonts.
- Windows 7 (All supported editions)
- Windows Server 2008 R2
Windows Integer Underflow Vulnerability - CVE-2015-6130
A remote code execution vulnerability exists when Windows Uniscribe improperly parses specially crafted fonts. An attacker who successfully exploits the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.
There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage that contains embedded fonts. The security update addresses the vulnerability by correcting how Windows parses fonts.
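As an added illustration, not Microsoft's code and not the actual Uniscribe defect (the bulletin does not describe it beyond "integer underflow"), the following constructed parser for a length-prefixed font-style record shows how subtracting a header size from an attacker-controlled length can wrap to a huge value, beside the hardened check that rejects short lengths before the subtraction. The record layout, field names and sample bytes are all assumptions made for this example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed record layout (hypothetical, not a real OpenType/Uniscribe structure):
 *   uint16_t total_len  big-endian, counts the 4-byte header plus the payload
 *   uint16_t tag
 *   uint8_t  payload[total_len - 4]
 */
#define HDR_LEN 4

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Vulnerable form: only the upper bound of total_len is checked.  A record that
 * declares total_len == 2 passes the check, and total_len - HDR_LEN wraps to
 * SIZE_MAX - 1, which a caller would then pass to memcpy: out-of-bounds read.
 * Returns 1 and sets *payload_len when the record is accepted, 0 when rejected. */
static int parse_record_vulnerable(const uint8_t *buf, size_t buf_len, size_t *payload_len) {
    if (buf_len < HDR_LEN) return 0;
    uint16_t total_len = rd16(buf);
    if (total_len > buf_len) return 0;              /* upper bound only */
    *payload_len = (size_t)(total_len - HDR_LEN);   /* underflows when total_len < 4 */
    return 1;
}

/* Hardened form: reject any declared length smaller than the header before
 * subtracting, so the payload length can never wrap. */
static int parse_record_hardened(const uint8_t *buf, size_t buf_len, size_t *payload_len) {
    if (buf_len < HDR_LEN) return 0;
    uint16_t total_len = rd16(buf);
    if (total_len < HDR_LEN || total_len > buf_len) return 0;
    *payload_len = (size_t)total_len - HDR_LEN;     /* now always in [0, buf_len - 4] */
    return 1;
}

int main(void) {
    /* Constructed malformed record: declares total_len = 2, shorter than its own header. */
    const uint8_t bad[] = {0x00, 0x02, 0xAB, 0xCD, 0x11, 0x22};
    size_t n = 0;
    if (parse_record_vulnerable(bad, sizeof bad, &n))
        printf("vulnerable parser accepted record, would copy %zu bytes from a %zu-byte buffer\n", n, sizeof bad);
    if (!parse_record_hardened(bad, sizeof bad, &n))
        printf("hardened parser rejected the record\n");
    return 0;
}
```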
- Apply the patches provided by Microsoft to vulnerable systems immediately after appropriate testing.
- Remind users not to visit untrusted websites or follow links provided by unknown or untrusted sources.
- Remind users not to open email attachments from unknown users or suspicious emails from trusted sources.
- Run all software as a non-privileged user (one without administrative privileges) to diminish the effects of a successful attack.