CVE-2014-4148 | Microsoft Windows up to Vista TrueType Font code injection (MS14-058 / EDB-35101)
A vulnerability has been found in Microsoft Windows up to Vista and classified as critical. Affected by this issue is some unknown functionality of the component TrueType Font Handler. The manipulation leads to code injection.
This vulnerability is referenced as CVE-2014-4148. Remote exploitation of the attack is possible. Furthermore, an exploit is available.
Applying a patch is the recommended action to fix this issue.