A vulnerability is identified in Microsoft Windows that could be exploited to compromise an affected system. Due to an error when Windows Adobe Type Manager Library handles OpenType fonts, an attacker could exploit to take control of the system if a user opens a specially crafted document or visit a webpage that contains embedded OpenType fonts.
A successful attack could lead to remote arbitrary code execution.
Patches for affected products are available from the Microsoft Update website. Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.
https://technet.microsoft.com/en-us/library/security/MS15-078
https://www.us-cert.gov/ncas/current-activity/2015/07/20/Microsoft-Releases-Security-Update
https://www.hkcert.org/my_url/en/alert/15072101
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2426