Microsoft Windows Adobe Font Manager Library Remote Code Execution Vulnerability

Added Nov. 3, 2021 • Due May 3, 2022 • CVE-2020-1020

Overdue Microsoft / Windows CWE-787

Description

Microsoft Windows Adobe Font Manager Library contains an unspecified vulnerability when handling specially crafted multi-master fonts (Adobe Type 1 PostScript format) that allows for remote code execution for all systems except Windows 10. For systems running Windows 10, an attacker who successfully exploited the vulnerability could execute code in an AppContainer sandbox context with limited privileges and capabilities.

Required Action

Apply updates per vendor instructions.

References

https://nvd.nist.gov/vuln/detail/CVE-2020-1020

Additional Information

Catalog Version: 2025.01.24
Catalog Released: Jan. 24, 2025
Days Until Due: 0 days
Last Updated: 4 months, 2 weeks ago