Microsoft Windows Open Type Font Remote Code Execution Vulnerability

NVD

Known Exploited Vulnerability

CVE-2016-7256, Microsoft Windows Open Type Font Remote Code Execution Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploits this vulnerability could take control of the affected system.

The following remediation steps are recommended / required by June 15, 2022: Apply updates per vendor instructions.