Font Directory Entry Parsing Vulnerability In win32k.sys

MS09-065 addresses a vulnerability (CVE-2009-2514) in the font parsing subsystem of win32k.sys.  If not addressed, this vulnerability could allow an attacker to bluescreen (DoS) the machine (best case scenario) or run code of his/her choice, possibly in the context of the kernel (worst case scenario).    In this blog entry, I’ll attempt to answer a …

Font Directory Entry Parsing Vulnerability In win32k.sys Read More »