Fortinet Discovers Microsoft Graphics Memory Corruption Vulnerability
Fortinet's FortiGuard Labs has discovered a Memory Corruption vulnerability in Microsoft Windows font library.
Windows font library supports many font formats. Each font format contains many thousands of characters. The vulnerable Windows font library is used by many Windows platforms.
The Memory Corruption vulnerability exists when the Windows font library improperly handles a specially crafted EOT file. An attacker who successfully exploited this vulnerability could take control of the affected system.
SolutionsFortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:
Released Oct 08, 2017
Users should apply the solution provided by Microsoft.
Fortinet reported the vulnerability to Microsoft on July 11, 2017.
Microsoft patched the vulnerability on October 10, 2017.
This vulnerability was discovered by Wayne Low of Fortinet's FortiGuard Labs.