Microsoft has released an out-of-band patch that closes an exploit that if executed, could allow remote code execution. The vulnerability, which affects all supported versions of Windows, could allow remote code execution if a user opens a specially crafted document or visits an untrusted webpage that contains embedded OpenType font, according to Microsoft.
If you are running any version of Windows that Microsoft currently supports, you should run Windows Update right now to grab the patch. Seeing as Microsoft is issuing this patch out of its normal cadence, solidifies that Microsoft feels that this issue needs to be resolved immediately.
Because Windows is widely used around the world, the company frequently says that they have 1.5 billion machines running the OS, means that it is typically the primary target for those with malicious intent. When issues like this are brought to the company's attention, especially from outside firms, the company has to be able to react quickly if it hopes to keep consumer's (and enterprise) trust about providing a secure OS.
While it's nearly impossible to build software that is free of vulnerabilities and because Windows is so widely used, this extrapolates the software's complexity.
Read More: Microsoft