Microsoft bracing for malware attacks from embedded fon

reghakr · 17 Nov 2009

Microsoft bracing for malware attacks from embedded fonts
VULNERABILITIES

Security researchers say it’s only a matter of time — days not weeks — before malicious hackers start exploiting one of the vulnerabilities via booby-trapped Web pages or Office (Word or PowerPoint) documents. The specific vulnerability — in the font parsing subsystem of the win32.sys driver — provides an entry point for hackers to take complete control of an unpatched machine without any user action beyond normal browsing or opening a rigged document file. … Microsoft’s MS09-065 bulletin says an exploit was already publicly available before the update was ready on Patch Tuesday, meaning that malware authors have gotten a long head start researching entry points for attacks.

Date: 12 November 2009

More...........Microsoft bracing for malware attacks from embedded fonts | Zero Day | ZDNet.com

ultraplanet · 17 Nov 2009

The Microsoft Security Bullentin says W7 is not affected.

http://www.microsoft.com/technet/sec.../MS09-065.mspx

reghakr · 18 Nov 2009

You are correct, sorry.

Note to self......read the damn article reghakr