Microsoft Security Bulletin Advance Notification for December 2011

Discussion in 'other security issues & news' started by ronjor, Dec 8, 2011.

Thread Status:
Not open for further replies.
Page 2 of 2
  1. wat0114

    wat0114 Guest

    No worries :)

    Although I don't know the specifics, it affects the Windows truetype font engine, and there was mention that opening an infected Word document was enough to allow malicious shell script to run that could give hackers ability to run code in kernel mode.
     
    wat0114, Dec 14, 2011
    #26
  2. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,944
    Location:
    USA
    So with the Fixit applied, one loses custom handwriting fonts in IE?
    Not the end of the world. :)
     
    Page42, Dec 14, 2011
    #27
  3. wat0114

    wat0114 Guest

    Yeah, I'm not sure if that's all that breaks?? Hopefully that's it.

    BTW, there's more here on how the exploit works. Post #86 provides a flow chart on it :)
     
    wat0114, Dec 14, 2011
    #28
  4. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,944
    Location:
    USA
    I just dug out some notes on this and read here that "applications that have functionality that relies on the T2embed.dll file, such as applications that generate PDF files, may not work as expected. For example, Microsoft Office software will be unable to generate PDF files".
     
    Page42, Dec 14, 2011
    #29
  5. wat0114

    wat0114 Guest

    Okay, so it has more impact than just font rendering. Oh well, maybe better to leave the Fixit out, but as mrBrian pointed out, it would depend on the person's needs.
     
    wat0114, Dec 15, 2011
    #30
Page 2 of 2
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...