Microsoft · Windows · CVE-2011-0034
**Name of the Vulnerable Software and Affected Versions**
Microsoft Windows versions prior to the fixed version
**Description**
A remote code execution issue exists due to improper parsing of specially crafted OpenType fonts by the OpenType Font (OTF) driver. This allows attackers to execute arbitrary code in kernel mode, enabling them to install programs, view, change, or delete data, or create new accounts with full user rights.
**Recommendations**
For Microsoft Windows versions prior to the fixed version, update to the latest version to resolve the issue.
As a temporary workaround, consider restricting access to OpenType fonts from untrusted sources until a patch is available.