CVE-2015-0059

Name of the Vulnerable Software and Affected Versions Windows Server 2008 R2 SP1 Windows 7 SP1 Windows 8 Windows 8.1 Windows Server 2012 Gold and R2 Windows RT Gold and 8.1

Description A remote code execution issue exists in the Windows kernel-mode driver (win32k.sys) due to improper handling of TrueType fonts. This could allow an attacker to run arbitrary code in kernel mode, enabling them to install programs, view, change, or delete data, or create new accounts with full administrative rights. The exploitation of this issue requires convincing a user to open a specially crafted document or visit an untrusted website containing embedded TrueType fonts.

Recommendations For Windows Server 2008 R2 SP1, update to a version that includes the fix for the TrueType font parsing issue. For Windows 7 SP1, update to a version that includes the fix for the TrueType font parsing issue. For Windows 8, update to a version that includes the fix for the TrueType font parsing issue. For Windows 8.1, update to a version that includes the fix for the TrueType font parsing issue. For Windows Server 2012 Gold and R2, update to a version that includes the fix for the TrueType font parsing issue. For Windows RT Gold and 8.1, update to a version that includes the fix for the TrueType font parsing issue. As a temporary workaround, consider restricting the use of TrueType fonts in documents and websites until a patch is available.