Google Finds 16 Bugs, 2 Zero-Days, in Windows Kernel Font Handling

July 1, 2016

Project Zero researchers revealed this week that they helped Microsoft patch 16 security issues relating to how font processing operations are handled in the Windows kernel, 2 of which were zero-day vulnerabilities at the time they were discovered.

Project Zero is an initiative to help improve the security of crucial software. The project is sponsored by Google, and in the past it has helped fix critical vulnerabilities in many open- and closed-source projects, such as important open source code libraries and high-end antivirus products.

In a blog post published a few days ago, the project’s researchers revealed the methodology through which they managed to discover 16 issues in the way Windows handles fonts.

Fonts and font processing operations are an old problem within the Windows OS, but one that has not received a lot of media attention compared to other vulnerabilities.

The issue at the core of this problem is the fact that Windows executes all font processing operations in the kernel, at ring 0, with the highest level of permissions. A vulnerability in any of these libraries or operations would immediately give an attacker direct access to the whole OS.

