CVE-2020-1020 - Microsoft Windows Adobe Font Manager Library Remote Code Execution Vulnerability
Project:Microsoft
Product:Windows
Date Added:2021-11-03Due Date:2022-05-03
Vulnerability Name
Microsoft Windows Adobe Font Manager Library Remote Code Execution Vulnerability
Description
Microsoft Windows Adobe Font Manager Library contains an unspecified vulnerability when handling specially crafted multi-master fonts (Adobe Type 1 PostScript format) that allows for remote code execution for all systems except Windows 10. For systems running Windows 10, an attacker who successfully exploited the vulnerability could execute code in an AppContainer sandbox context with limited privileges and capabilities.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-1020