MS11-087: Vulnerability in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2639417)
High Nessus Plugin ID 57273
The remote Windows kernel is affected by a remote code execution vulnerability.
The remote host is running a version of the Windows kernel that is affected by a remote code execution vulnerability. Specially crafted TrueType fonts are not properly handled, which could allow arbitrary code execution in kernel mode. A remote attacker could exploit this vulnerability by tricking a user into viewing a specially crafted TrueType font (e.g., via web or email). This vulnerability is reportedly being exploited in the wild by the Duqu malware.
Microsoft has released a set of patches for Windows XP, 2003, Vista, 2008, 7, and 2008 R2.