Windows Font Driver Type 1 VToHOrigin stack corruption
CVE-2020-1020 Windows Font Driver Type 1 VToHOrigin stack corruption only works on win7 x64
A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format.For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely, aka 'Adobe Font Manager Library Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0938.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft windows server 2008 r2 |
||
microsoft windows server 2012 r2 |
||
microsoft windows 10 1607 |
||
microsoft windows 8.1 - |
||
microsoft windows server 2016 - |
||
microsoft windows server 2008 - |
||
microsoft windows 7 - |
||
microsoft windows rt 8.1 - |
||
microsoft windows 10 - |
||
microsoft windows 10 1709 |
||
microsoft windows 10 1803 |
||
microsoft windows 10 1809 |
||
microsoft windows 10 1903 |
||
microsoft windows 10 1909 |
||
microsoft windows server 2012 - |
||
microsoft windows server 2016 1803 |
||
microsoft windows server 2016 1903 |
||
microsoft windows server 2016 1909 |
||
microsoft windows server 2019 - |
This month the vendor has patched 113 vulnerabilities, 18 of which are rated Critical.
Posted: 15 Apr, 202029 Min ReadThreat Intelligence SubscribeMicrosoft Patch Tuesday - April 2020This month the vendor has patched 113 vulnerabilities, 18 of which are rated Critical.As always, customers are advised to follow these security best practices: Install vendor patches as soon as they are available. Run all software with the least privileges required while still maintaining functionality. Avoid handling files from unknown or questionable ...