{"id":855,"date":"2009-08-10T18:17:36","date_gmt":"2009-08-10T10:17:36","guid":{"rendered":"http:\/\/www.qlickcafe.com\/blogs\/?p=855"},"modified":"2009-08-10T18:17:36","modified_gmt":"2009-08-10T10:17:36","slug":"opentype-font-engine-could-allow-remote-code-execution","status":"publish","type":"post","link":"https:\/\/www.qlickcafe.com\/blogs\/news-and-events\/opentype-font-engine-could-allow-remote-code-execution\/","title":{"rendered":"OpenType Font Engine Could Allow Remote Code Execution"},"content":{"rendered":"<div id=\"qlicksolution\">\n<h1>Another Code Execution Problem courtesy of Microsoft<\/h1>\n<\/div>\n<p>There were reports that vulnerabilities in the Windows Embedded OpenType (EOT) Font Engine could allow remote code execution. A remote user can cause arbitrary code to be executed on the target user&#8217;s system. As in my older post regarding remote code execution, some specially crafted fonts can execute code and attack the security policy on your workstations.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"http:\/\/www.qlickcafe.com\/blogs\/wp-content\/uploads\/2009\/08\/fonts1-300x196.png\" alt=\"fonts\" title=\"fonts\" width=\"300\" height=\"196\" class=\"alignnone size-medium wp-image-862\" \/><br \/>\nA web page or document containing a specially crafted EOT font, when loaded by other users, will trigger a buffer overflow and execute arbitrary code on the target system. Font engines are software used by operating systems to convert the information in a TrueType font into a raster image suitable for display on screen or printer. Microsoft has announced these problems as critical, and all Windows users are advised to install the <a href=\"http:\/\/www.microsoft.com\/technet\/security\/bulletin\/MS09-029.mspx\">security patches from their website.<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Another Code Execution Problem courtesy of Microsoft There were reports that vulnerabilities in the Windows Embedded OpenType (EOT) Font Engine could allow remote code execution. A remote user can cause arbitrary code to be executed on the target user&#8217;s system. 
Same thing from my older post regarding remote code execution, some specially crafted fonts can &#8230; <a title=\"OpenType Font Engine Could Allow Remote Code Execution\" class=\"read-more\" href=\"https:\/\/www.qlickcafe.com\/blogs\/news-and-events\/opentype-font-engine-could-allow-remote-code-execution\/\" aria-label=\"Read more about OpenType Font Engine Could Allow Remote Code Execution\">Read more<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8],"tags":[80,125,171,212],"class_list":["post-855","post","type-post","status-publish","format-standard","hentry","category-news-and-events","tag-fonts","tag-microsoft-security-updates","tag-remote-executions","tag-vulnerability"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>OpenType Font Engine Could Allow Remote Code Execution - Qlick Tech Blog<\/title>\n<meta name=\"description\" content=\"OpenType Font Engine Could Allow Remote Code Execution -\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.qlickcafe.com\/blogs\/news-and-events\/opentype-font-engine-could-allow-remote-code-execution\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"OpenType Font Engine Could Allow Remote Code Execution - Qlick Tech Blog\" \/>\n<meta property=\"og:description\" content=\"OpenType Font Engine Could Allow Remote Code Execution -\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.qlickcafe.com\/blogs\/news-and-events\/opentype-font-engine-could-allow-remote-code-execution\/\" \/>\n<meta property=\"og:site_name\" content=\"Qlick Tech Blog\" \/>\n<meta 
property=\"article:publisher\" content=\"http:\/\/www.facebook.com\/jhongmed\" \/>\n<meta property=\"article:author\" content=\"http:\/\/www.facebook.com\/jhongmed\" \/>\n<meta property=\"article:published_time\" content=\"2009-08-10T10:17:36+00:00\" \/>\n<meta property=\"og:image\" content=\"http:\/\/www.qlickcafe.com\/blogs\/wp-content\/uploads\/2009\/08\/fonts1-300x196.png\" \/>\n<meta name=\"author\" content=\"Jhong Medina\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@http:\/\/www.twitter.com\/jhongmed\" \/>\n<meta name=\"twitter:site\" content=\"@jhongmed\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Jhong Medina\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.qlickcafe.com\\\/blogs\\\/news-and-events\\\/opentype-font-engine-could-allow-remote-code-execution\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.qlickcafe.com\\\/blogs\\\/news-and-events\\\/opentype-font-engine-could-allow-remote-code-execution\\\/\"},\"author\":{\"name\":\"Jhong Medina\",\"@id\":\"https:\\\/\\\/www.qlickcafe.com\\\/blogs\\\/#\\\/schema\\\/person\\\/19e995cafc89853348e95e7606eaf1d4\"},\"headline\":\"OpenType Font Engine Could Allow Remote Code 
Execution\",\"datePublished\":\"2009-08-10T10:17:36+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.qlickcafe.com\\\/blogs\\\/news-and-events\\\/opentype-font-engine-could-allow-remote-code-execution\\\/\"},\"wordCount\":148,\"commentCount\":13,\"publisher\":{\"@id\":\"https:\\\/\\\/www.qlickcafe.com\\\/blogs\\\/#\\\/schema\\\/person\\\/19e995cafc89853348e95e7606eaf1d4\"},\"image\":{\"@id\":\"https:\\\/\\\/www.qlickcafe.com\\\/blogs\\\/news-and-events\\\/opentype-font-engine-could-allow-remote-code-execution\\\/#primaryimage\"},\"thumbnailUrl\":\"http:\\\/\\\/www.qlickcafe.com\\\/blogs\\\/wp-content\\\/uploads\\\/2009\\\/08\\\/fonts1-300x196.png\",\"keywords\":[\"Fonts\",\"Microsoft Security Updates\",\"Remote Executions\",\"Vulnerability\"],\"articleSection\":[\"News and Events\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.qlickcafe.com\\\/blogs\\\/news-and-events\\\/opentype-font-engine-could-allow-remote-code-execution\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.qlickcafe.com\\\/blogs\\\/news-and-events\\\/opentype-font-engine-could-allow-remote-code-execution\\\/\",\"url\":\"https:\\\/\\\/www.qlickcafe.com\\\/blogs\\\/news-and-events\\\/opentype-font-engine-could-allow-remote-code-execution\\\/\",\"name\":\"OpenType Font Engine Could Allow Remote Code Execution - Qlick Tech 
Blog\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.qlickcafe.com\\\/blogs\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.qlickcafe.com\\\/blogs\\\/news-and-events\\\/opentype-font-engine-could-allow-remote-code-execution\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.qlickcafe.com\\\/blogs\\\/news-and-events\\\/opentype-font-engine-could-allow-remote-code-execution\\\/#primaryimage\"},\"thumbnailUrl\":\"http:\\\/\\\/www.qlickcafe.com\\\/blogs\\\/wp-content\\\/uploads\\\/2009\\\/08\\\/fonts1-300x196.png\",\"datePublished\":\"2009-08-10T10:17:36+00:00\",\"description\":\"OpenType Font Engine Could Allow Remote Code Execution -\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.qlickcafe.com\\\/blogs\\\/news-and-events\\\/opentype-font-engine-could-allow-remote-code-execution\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.qlickcafe.com\\\/blogs\\\/news-and-events\\\/opentype-font-engine-could-allow-remote-code-execution\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.qlickcafe.com\\\/blogs\\\/news-and-events\\\/opentype-font-engine-could-allow-remote-code-execution\\\/#primaryimage\",\"url\":\"http:\\\/\\\/www.qlickcafe.com\\\/blogs\\\/wp-content\\\/uploads\\\/2009\\\/08\\\/fonts1-300x196.png\",\"contentUrl\":\"http:\\\/\\\/www.qlickcafe.com\\\/blogs\\\/wp-content\\\/uploads\\\/2009\\\/08\\\/fonts1-300x196.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.qlickcafe.com\\\/blogs\\\/news-and-events\\\/opentype-font-engine-could-allow-remote-code-execution\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.qlickcafe.com\\\/blogs\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"OpenType Font Engine Could Allow Remote Code 
Execution\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.qlickcafe.com\\\/blogs\\\/#website\",\"url\":\"https:\\\/\\\/www.qlickcafe.com\\\/blogs\\\/\",\"name\":\"Qlick Tech Blog\",\"description\":\"Tech News | Beginners Guide | Project Management | Gadgets | Solutions\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.qlickcafe.com\\\/blogs\\\/#\\\/schema\\\/person\\\/19e995cafc89853348e95e7606eaf1d4\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.qlickcafe.com\\\/blogs\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\\\/\\\/www.qlickcafe.com\\\/blogs\\\/#\\\/schema\\\/person\\\/19e995cafc89853348e95e7606eaf1d4\",\"name\":\"Jhong Medina\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.qlickcafe.com\\\/blogs\\\/wp-content\\\/uploads\\\/profilephoto.jpg\",\"url\":\"https:\\\/\\\/www.qlickcafe.com\\\/blogs\\\/wp-content\\\/uploads\\\/profilephoto.jpg\",\"contentUrl\":\"https:\\\/\\\/www.qlickcafe.com\\\/blogs\\\/wp-content\\\/uploads\\\/profilephoto.jpg\",\"width\":1000,\"height\":1504,\"caption\":\"Jhong Medina\"},\"logo\":{\"@id\":\"https:\\\/\\\/www.qlickcafe.com\\\/blogs\\\/wp-content\\\/uploads\\\/profilephoto.jpg\"},\"description\":\"Hi, I'm Jhong Medina, I'm just your friendly neighborhood tech blogger :). Hope you can join the discussion by sharing your ideas below. Thank you for visiting.\",\"sameAs\":[\"http:\\\/\\\/www.qlickcafe.com\",\"http:\\\/\\\/www.facebook.com\\\/jhongmed\",\"https:\\\/\\\/x.com\\\/http:\\\/\\\/www.twitter.com\\\/jhongmed\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->","yoast_head_json":{"title":"OpenType Font Engine Could Allow Remote Code Execution - Qlick Tech Blog","description":"OpenType Font Engine Could Allow Remote Code Execution -","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.qlickcafe.com\/blogs\/news-and-events\/opentype-font-engine-could-allow-remote-code-execution\/","og_locale":"en_US","og_type":"article","og_title":"OpenType Font Engine Could Allow Remote Code Execution - Qlick Tech Blog","og_description":"OpenType Font Engine Could Allow Remote Code Execution -","og_url":"https:\/\/www.qlickcafe.com\/blogs\/news-and-events\/opentype-font-engine-could-allow-remote-code-execution\/","og_site_name":"Qlick Tech Blog","article_publisher":"http:\/\/www.facebook.com\/jhongmed","article_author":"http:\/\/www.facebook.com\/jhongmed","article_published_time":"2009-08-10T10:17:36+00:00","og_image":[{"url":"http:\/\/www.qlickcafe.com\/blogs\/wp-content\/uploads\/2009\/08\/fonts1-300x196.png","type":"","width":"","height":""}],"author":"Jhong Medina","twitter_card":"summary_large_image","twitter_creator":"@http:\/\/www.twitter.com\/jhongmed","twitter_site":"@jhongmed","twitter_misc":{"Written by":"Jhong Medina","Est. 
reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.qlickcafe.com\/blogs\/news-and-events\/opentype-font-engine-could-allow-remote-code-execution\/#article","isPartOf":{"@id":"https:\/\/www.qlickcafe.com\/blogs\/news-and-events\/opentype-font-engine-could-allow-remote-code-execution\/"},"author":{"name":"Jhong Medina","@id":"https:\/\/www.qlickcafe.com\/blogs\/#\/schema\/person\/19e995cafc89853348e95e7606eaf1d4"},"headline":"OpenType Font Engine Could Allow Remote Code Execution","datePublished":"2009-08-10T10:17:36+00:00","mainEntityOfPage":{"@id":"https:\/\/www.qlickcafe.com\/blogs\/news-and-events\/opentype-font-engine-could-allow-remote-code-execution\/"},"wordCount":148,"commentCount":13,"publisher":{"@id":"https:\/\/www.qlickcafe.com\/blogs\/#\/schema\/person\/19e995cafc89853348e95e7606eaf1d4"},"image":{"@id":"https:\/\/www.qlickcafe.com\/blogs\/news-and-events\/opentype-font-engine-could-allow-remote-code-execution\/#primaryimage"},"thumbnailUrl":"http:\/\/www.qlickcafe.com\/blogs\/wp-content\/uploads\/2009\/08\/fonts1-300x196.png","keywords":["Fonts","Microsoft Security Updates","Remote Executions","Vulnerability"],"articleSection":["News and Events"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.qlickcafe.com\/blogs\/news-and-events\/opentype-font-engine-could-allow-remote-code-execution\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.qlickcafe.com\/blogs\/news-and-events\/opentype-font-engine-could-allow-remote-code-execution\/","url":"https:\/\/www.qlickcafe.com\/blogs\/news-and-events\/opentype-font-engine-could-allow-remote-code-execution\/","name":"OpenType Font Engine Could Allow Remote Code Execution - Qlick Tech 
Blog","isPartOf":{"@id":"https:\/\/www.qlickcafe.com\/blogs\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.qlickcafe.com\/blogs\/news-and-events\/opentype-font-engine-could-allow-remote-code-execution\/#primaryimage"},"image":{"@id":"https:\/\/www.qlickcafe.com\/blogs\/news-and-events\/opentype-font-engine-could-allow-remote-code-execution\/#primaryimage"},"thumbnailUrl":"http:\/\/www.qlickcafe.com\/blogs\/wp-content\/uploads\/2009\/08\/fonts1-300x196.png","datePublished":"2009-08-10T10:17:36+00:00","description":"OpenType Font Engine Could Allow Remote Code Execution -","breadcrumb":{"@id":"https:\/\/www.qlickcafe.com\/blogs\/news-and-events\/opentype-font-engine-could-allow-remote-code-execution\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.qlickcafe.com\/blogs\/news-and-events\/opentype-font-engine-could-allow-remote-code-execution\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.qlickcafe.com\/blogs\/news-and-events\/opentype-font-engine-could-allow-remote-code-execution\/#primaryimage","url":"http:\/\/www.qlickcafe.com\/blogs\/wp-content\/uploads\/2009\/08\/fonts1-300x196.png","contentUrl":"http:\/\/www.qlickcafe.com\/blogs\/wp-content\/uploads\/2009\/08\/fonts1-300x196.png"},{"@type":"BreadcrumbList","@id":"https:\/\/www.qlickcafe.com\/blogs\/news-and-events\/opentype-font-engine-could-allow-remote-code-execution\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.qlickcafe.com\/blogs\/"},{"@type":"ListItem","position":2,"name":"OpenType Font Engine Could Allow Remote Code Execution"}]},{"@type":"WebSite","@id":"https:\/\/www.qlickcafe.com\/blogs\/#website","url":"https:\/\/www.qlickcafe.com\/blogs\/","name":"Qlick Tech Blog","description":"Tech News | Beginners Guide | Project Management | Gadgets | 
Solutions","publisher":{"@id":"https:\/\/www.qlickcafe.com\/blogs\/#\/schema\/person\/19e995cafc89853348e95e7606eaf1d4"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.qlickcafe.com\/blogs\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"https:\/\/www.qlickcafe.com\/blogs\/#\/schema\/person\/19e995cafc89853348e95e7606eaf1d4","name":"Jhong Medina","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.qlickcafe.com\/blogs\/wp-content\/uploads\/profilephoto.jpg","url":"https:\/\/www.qlickcafe.com\/blogs\/wp-content\/uploads\/profilephoto.jpg","contentUrl":"https:\/\/www.qlickcafe.com\/blogs\/wp-content\/uploads\/profilephoto.jpg","width":1000,"height":1504,"caption":"Jhong Medina"},"logo":{"@id":"https:\/\/www.qlickcafe.com\/blogs\/wp-content\/uploads\/profilephoto.jpg"},"description":"Hi, I'm Jhong Medina, I'm just your friendly neighborhood tech blogger :). Hope you can join the discussion by sharing your ideas below. 
Thank you for visiting.","sameAs":["http:\/\/www.qlickcafe.com","http:\/\/www.facebook.com\/jhongmed","https:\/\/x.com\/http:\/\/www.twitter.com\/jhongmed"]}]}},"_links":{"self":[{"href":"https:\/\/www.qlickcafe.com\/blogs\/wp-json\/wp\/v2\/posts\/855","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.qlickcafe.com\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.qlickcafe.com\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.qlickcafe.com\/blogs\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.qlickcafe.com\/blogs\/wp-json\/wp\/v2\/comments?post=855"}],"version-history":[{"count":0,"href":"https:\/\/www.qlickcafe.com\/blogs\/wp-json\/wp\/v2\/posts\/855\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.qlickcafe.com\/blogs\/wp-json\/wp\/v2\/media?parent=855"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.qlickcafe.com\/blogs\/wp-json\/wp\/v2\/categories?post=855"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.qlickcafe.com\/blogs\/wp-json\/wp\/v2\/tags?post=855"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}