Microsoft Security Bulletin: Level 1 Advisory
What is the purpose of this alert?
This alert is to notify you that Microsoft has released Security Advisory 2639658 – Vulnerability in TrueType Font Parsing Could Allow Elevation of Privilege - on November 03, 2011.
Microsoft is investigating a vulnerability in a Microsoft Windows component, the Win32k TrueType font parsing engine. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. The attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. We are aware of targeted attacks that try to use the reported vulnerability; overall, we see low customer impact at this time. This vulnerability is related to the Duqu malware.
Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.
We are actively working with partners in our Microsoft Active Protections Program (MAPP) to provide information that they can use to provide broader protections to customers.
The vulnerability cannot be exploited automatically through email. For an attack to be successful, a user must open an attachment that is sent in an email message.
Review Microsoft Security Advisory 2639658 for an overview of the issue, details on affected components, mitigating factors, suggested actions, frequently asked questions (FAQ), and links to additional resources.
Customers who believe they are affected can contact Customer Service and Support. Contact CSS in North America for help with security update issues or viruses at no charge using the PC Safety line (866)PCSAFETY. International customers can contact Customer Service and Support by using any method found at this location: http://www.microsoft.com/security/worldwide.aspx.
- Microsoft Security Advisory 2639658 – Vulnerability in TrueType Font Parsing Could Allow Elevation of Privilege - http://technet.microsoft.com/security/advisory/2639658
- Microsoft Security Response Center (MSRC) Blog: http://blogs.technet.com/msrc
- Microsoft Malware Protection Center (MMPC) Blog: http://blogs.technet.com/mmpc
- Security Research & Defense (SRD) Blog: http://blogs.technet.com/srd