Description: This security update resolves several privately reported vulnerabilities in the Windows kernel. The most severe of the vulnerabilities could allow remote code execution if a user viewed content rendered in a specially crafted Embedded OpenType (EOT) font. In a Web-based attack scenario, an attacker would have to host a Web site that contains specially crafted embedded fonts that are used to attempt to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content could contain specially crafted content that could exploit this vulnerability. An attacker would have no way to force users to visit a specially crafted Web site. Instead, an attacker would have to convince the user to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes the user to the attacker’s site. The security update addresses the vulnerabilities by correcting the method used for validating the argument passed to the system call, validating input passed from user mode through the kernel component of GDI, and correcting the manner in which Windows kernel-mode drivers parse font code.

Update type: Important

Release date: November 10, 2009

Applies to: All versions

Knowledge base: support.microsoft.com/kb/969947

Download link: 32-bit | 64-bit
Comments:Here are the specifics on the vulnerabilities covered by this update:

• Win32k NULL Pointer Dereferencing Vulnerability – CVE-2009-1127
• Win32k Insufficient Data Validation Vulnerability – CVE-2009-2513
• Win32k EOT Parsing Vulnerability – CVE-2009-2514