Endpoint Vulnerability

Express Compressed Fonts Remote Code Execution Vulnerability

Description

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploits exploited this vulnerability would gain code execution on the target system. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Affected Products

Windows 7,Windows Server 2008

References

CVE-2017-8691,