Threat Advisory | Microsoft Font Driver Vulnerability
Microsoft Windows has reported a critical vulnerability that could allow remote execution if a user opens documents or visits untrusted webpages that contain embedded OpenType fonts.
A security update has been made available and will correct how the Windows Adobe Type Manager Library handles OpenType fonts.
For more information about this update, see Microsoft Knowledge Base Article 3079904.
Most clients will have automatic Microsoft Windows updates enabled and will not need to take any action. For those who do not have automatic updates enabled or who install updates manually, review the affected software, here and take the appropriate action to install the recommended update.