CISA/NIST NVD Alert - CVE-2016-7256

Windows - Microsoft Windows Open Type Font Remote Code Execution Vulnerability

CISA/NIST Known Exploited Vulnerability Alert

CVE Identification Number

CVE-2016-7256

Vendor Name

Microsoft

Product

Windows

Vulnerability Name

Microsoft Windows Open Type Font Remote Code Execution Vulnerability

Description of Vulnerability

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploits this vulnerability could take control of the affected system.

Date Added to CISA Known Exploited Vulnerability Database

2022-05-25

Remediation

Apply updates per vendor instructions.

Link to NIST NVD CVE Listing

National Vulnerability Database Source