MS.Embedded.OpenType.Font.Integer.Overflow
Description
This indicates an attack attempt against an integer-overflow vulnerability in
Microsoft Windows(T2EMBED.DLL).
The vulnerability is caused by an error when the vulnerable system handles
a malicious '.eot' file. A remote attacker may exploit this to execute arbitrary code via a crafted eot file.
Affected Products
Windows XP Service Pack 3
Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003
Windows Vista
Windows Server 2008
Impact
System compromise
Recommended Actions
Apply the patch supplied by the vendor:
http://www.microsoft.com/technet/security/Bulletin/MS10-076.mspx
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |