Kaspersky Lab researcher Anton Ivanov says an advanced threat group was exploiting a Windows zero-day vulnerability before Microsoft patched it last week.
Microsoft says the graphics device interface vulnerability (CVE-2016-3393) allowed attackers to gain remote code execution and elevation of privilege powers.
Ivanov's analysis reveals a hacking group dubbed FruityArmor was exploiting the vulnerability in chained attacks, using a TrueType font to trigger the bug.
[...] The attack saw browser sandboxes broken and higher privileges attained before a second payload executed with the newly-acquired higher access privileges.
Windows 10's efforts to push font processing into a special user mode that restricts privileges did not stop the exploit.
(Score: 0) by Anonymous Coward on Sunday October 23 2016, @06:46PM
to correctly render glyphs
I must be going to very different sites.
I block webfonts, yet the text in the pages I visit is completely readable.
...or you're talking about unnecessary chintz.
yeah, nothing at all can go wrong there if you allow bytecode from a remote location to execute unchecked in an [interpreter]
In my AdBlocker, I include the filters
*/font/
*/webfonts/
fonts*js
I also don't run Windoze--a product from a marketing company that dabbles in software.
Being run by salesmen and marketing types, that operation thought it was a good idea to execute user-supplied data (like fonts) in Ring0. [googleusercontent.com] (orig) [wikipedia.org]
It demonstrates just how out of their depth M$ management is.
-- OriginalOwner_ [soylentnews.org]