“A Google Project Zero researcher has publicly disclosed details on a number of patched Adobe and Microsoft vulnerabilities, including one in the Adobe Type Manager Font Driver that could enable takeover of a number of systems supporting modern font engines. ATMFD.dll has supported Type 1 and OpenType fonts in the Windows kernel dating back to NT 4.0. The researcher said that the Windows kernel module has used the same interpreter for both Type 1 and OpenType CharStrings, supporting every function in the specification, bloating it unnecessarily. The bug could enable an attacker to chain together exploits that result in full system compromise using just the one vulnerability.”
https://threatpost.com/details-available-on-patched-adobe-windows-font-vulnerabilities/113454
Tip Freedomwat.ch Staff with Bitcoin