Yes, Font Files can Own Your Computer! For Over a Decade...

February 15, 2016 By Risk Based Security

On February 5, the Cisco Talos research team published an advisory covering several vulnerabilities in the Graphite (a.k.a. libgraphite) project. According to the vendor page, it "is a 'smart font' system developed specifically to handle the complexities of lesser-known languages of the world." This prompted the media and some in our industry to comment that it is "2016 and a font file can own[...]

Filed Under: Vulnerabilities, News, Third-party Libraries

Subscribe to Email Updates