CVE-2015-2426

Name of the Vulnerable Software and Affected Versions Microsoft Windows Adobe Type Manager Library versions prior to the fixed version

Description The issue is caused by a buffer underflow in the atmfd.dll library, allowing remote attackers to execute arbitrary code via a crafted OpenType font. This could enable an attacker to take complete control of the affected system, install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Microsoft Windows Adobe Type Manager Library, update to a version that fixes the buffer underflow issue in atmfd.dll to prevent remote code execution. As a temporary workaround, consider restricting the use of specially crafted OpenType fonts until a patch is available. Avoid using the Windows Adobe Type Manager Library with untrusted font sources until the issue is resolved.