CVE-2016-7256β€”Microsoft Windows Open Type Font Remote Code Execution Vulnerability

PUBLISHEDvulnerability record
2022-05-25 Β· last modified June 21, 2025

Metadata

CVE ID:
CVE-2016-7256
Project:
Microsoft
Product:
Windows
Date Added:
2022-05-25
Due Date:
2022-06-15
Last Updated:
June 21, 2025

Vulnerability Name

Microsoft Windows Open Type Font Remote Code Execution Vulnerability

Description

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploits this vulnerability could take control of the affected system.

Known To Be Used in Ransomware Campaigns?

Ransomware Status:
Unknown

Action

Apply updates per vendor instructions.

Additional Notes

Related Weaknesses