CVE-2015-2432

Name of the Vulnerable Software and Affected Versions Microsoft Windows Vista SP2 Microsoft Windows Server 2008 SP2 and R2 SP1 Microsoft Windows 7 SP1 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Gold and R2 Microsoft Windows RT Gold and 8.1

Description A remote code execution issue exists in the Windows Adobe Type Manager Library when it improperly handles specially crafted OpenType fonts. This could allow an attacker to execute arbitrary code, potentially taking complete control of the affected system, installing programs, viewing, changing, or deleting data, or creating new accounts with full user rights.

Recommendations For Microsoft Windows Vista SP2, update the Windows Adobe Type Manager Library to a non-vulnerable version. For Microsoft Windows Server 2008 SP2 and R2 SP1, update the Windows Adobe Type Manager Library to a non-vulnerable version. For Microsoft Windows 7 SP1, update the Windows Adobe Type Manager Library to a non-vulnerable version. For Microsoft Windows 8, update the Windows Adobe Type Manager Library to a non-vulnerable version. For Microsoft Windows 8.1, update the Windows Adobe Type Manager Library to a non-vulnerable version. For Microsoft Windows Server 2012 Gold and R2, update the Windows Adobe Type Manager Library to a non-vulnerable version. For Microsoft Windows RT Gold and 8.1, update the Windows Adobe Type Manager Library to a non-vulnerable version.