CVE-2011-2002

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to the fixed version

Description A denial of service issue exists due to improper handling of TrueType fonts. This could allow local users to cause a system hang via a crafted font file. An attacker who successfully exploits this issue could cause the affected system to stop responding.

Recommendations For Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1, update to a version that properly handles TrueType fonts to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.