During this month’s Patch Tuesday, Microsoft released a new security update KB3177393 for every supported version of Windows. The update resolves vulnerabilities in the Microsoft Graphics component in Windows, Office, Skype for Business, and Lync.
“This security update resolves vulnerabilities in Microsoft Windows, Microsoft Office, Skype for Business, and Microsoft Lync. The vulnerabilities could allow remote code execution if a user either visits a specially crafted website or opens a specially crafted document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.”
A few code execution vulnerabilities appear when the Windows font library improperly handles special fonts. Of course, as is usually the case with security flaws in Windows, an attacker who takes advantage of this vulnerability can take full control over an affected computer.
To get rid of the vulnerability, Microsoft changed the way the Windows font library handles embedded fonts.
As we said, this security update is available for all supported versions of Windows including Windows 10, where it was included in cumulative updates KB3176495, KB3176493, and KB3176492. If you want to find out more details about KB3177393, check the update’s security bulletin on TechNet.
Microsoft marked this update as highly recommended, so no matter which version of Windows you’re using, you should install this patch.
RELATED STORIES YOU NEED TO CHECK OUT:
- Microsoft still has a soft spot for Windows 8.1, releases KB3175887 security update
- Microsoft releases Windows 7 KB3178034 update to patch remote code vulnerability
- Installing KB3176493 update for Windows 10 seems impossible for some
- Windows 10 Anniversary Update causes BootCamp problems
- KB890830 updates Malicious Software Removal Tool for Anniversary Update