Microsoft released an emergency patch today, out of the normal schedule of once a month.  This critical patch is part of the fall out related to the Hacking Team breach.  This patch fixes a vulnerability in all operating systems released since Windows Vista.  The vulnerability is related to how Microsoft Windows handles OpenType font sets.

The vulnerability, if not patched, provides a mechanism that a hacker could use to execute malware on the computer.  A user could be convinced via social engineering to open a document or website that causes the vulnerability to be exploited.  This would likely lead to complete control of the computer by the attacker and if connected to a network allow for movement across the network.

It is highly recommended that you run Microsoft Windows Update to apply the patch.   Get security updates automatically (https://www.microsoft.com/security/pc-security/updates.aspx). Or your can download the patch directly by going to Microsoft Security…

View original post 35 more words