Kaspersky Labs researcher Anton Ivanov says an advanced threat group was exploiting a Windows zero day vulnerability before Microsoft patched it last week.
Microsoft says the graphics device interface vulnerability (CVE-2016-3393) allowed attackers to gain remote code execution and elevation of privilege powers.
Ivanov's analysis reveals a hacking group dubbed FruityArmor was exploiting the vulnerability in chained attacks, using a True Type Font to trigger the bug.
[...] The attack saw browser sandboxes broken and higher privileges attained before a second payload executed with the newly-acquired higher access privileges.
Windows 10's efforts to push font processing into a special user mode that restricts privileges did not stop the exploit.
(Score: 2, Informative) by Anonymous Coward on Sunday October 23 2016, @05:06AM
What makes me laugh is that I've noticed on more than a few occasions that the icon font is larger than if they just included them as images. Which means that someone went through all the hard work of creating the custom font and getting all the frontend people to use it and they don't actually save any space or alleviate any design problems.