Microsoft implemented a new security feature in Windows 10's November update build that added an option to the operating system to block the loading of untrusted fonts.
The use of fonts has always been problematic in the Windows operating system from a security point of view as bugs in font-handling code could give attackers high-level privileges.
Bulletins such as MS15-078 indicate that the Windows font system is targeted regularly, and one way to mitigate the impact of these attacks is the new untrusted font blocking security feature built into Windows 10.
I mentioned the feature when I reviewed the new version of Microsoft EMET, as it shipped with support for it, but at least some users have likely missed it, hence this new article.
The security feature needs to be enabled in the Windows Registry, separately on every machine that you want to enable the feature on.
Note: It is highly suggested to set the untrusted font blocking security feature to audit mode first, as you may run into issues with third-party applications after enabling the feature on a machine running Windows 10.
Alternatively, if you are running Microsoft EMET 5.5 on the machine, you may enable the "block untrusted fonts" feature using the application interface.
If you set it to audit mode, all blocked font loading attempts are written to the event log.
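An added example, not from the original article: PowerShell that reads the system-wide setting, switches untrusted font blocking to audit mode while keeping every other mitigation bit, and lists the audit events. The registry value, bit values, log name and event ID follow Microsoft's documentation for the feature; the function names are hypothetical.

```powershell
# Added example. Registry path, value name, bit values, log name and event ID
# are assumptions taken from Microsoft's documentation, not from this article.
$KernelKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel'
$FontMask  = [long]0x3000000000000   # the two bits that hold the font-blocking state
$States    = @{ 0 = 'NotConfigured'; 1 = 'On'; 2 = 'Off'; 3 = 'Audit' }

function Read-MitigationOptions {
    # Returns the raw registry value, or 0 when it has never been set.
    $item = Get-ItemProperty -Path $KernelKey -Name MitigationOptions -ErrorAction SilentlyContinue
    if ($item) { $item.MitigationOptions } else { [long]0 }
}

function Get-FontBlockingState {
    $raw = Read-MitigationOptions
    if ($raw -is [byte[]]) {
        # Value stored as REG_BINARY: the font bits live in the first 8 bytes.
        $buf = New-Object byte[] 8
        [Array]::Copy($raw, $buf, [Math]::Min($raw.Length, 8))
        $raw = [BitConverter]::ToInt64($buf, 0)
    }
    $code = [int](([long]$raw -band $FontMask) -shr 48)
    [pscustomobject]@{ Raw = ('0x{0:X}' -f [long]$raw); State = $States[$code] }
}

function Set-FontBlockingAudit {
    $raw = Read-MitigationOptions
    if ($raw -is [byte[]]) {
        throw 'MitigationOptions is REG_BINARY here; change it by hand instead.'
    }
    # Clear the font bits, keep all other mitigation bits, then set audit (3).
    $new = ([long]$raw -band (-bnot $FontMask)) -bor $FontMask
    Set-ItemProperty -Path $KernelKey -Name MitigationOptions -Value $new -Type QWord
}

function Get-FontBlockAuditEvents {
    # Audit mode logs each font load that would have been blocked.
    $filter = @{ LogName = 'Microsoft-Windows-Win32k/Operational'; Id = 260 }
    Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
        Select-Object TimeCreated, Message
}

Get-FontBlockingState            # inspect first; reading needs no elevation
# Set-FontBlockingAudit          # run elevated, then restart the machine
# Get-FontBlockAuditEvents       # review after a period of normal use
```

The write call is commented out so that running the block only reports the current state.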
Configuring exceptions
Some programs may not load or display correctly after you enable untrusted font blocking in Windows 10. While you may be able to resolve some of the issues directly, for instance by enforcing the use of system fonts in the application, you may run into issues with some apps where that is not an option.
Microsoft added an option to the security feature that enables you to set exceptions for these processes.
Additional information about the blocking of untrusted fonts is available on Microsoft's TechNet website.
Side Note: According to an Ars Technica report, Google recently enabled the feature individually for its Chrome web browser running on Windows 10, improving security for Chrome users on Windows 10 in the process.
Late ’70s time frame…
“Hey, guys… we got some leftover bytes here–what should we do with ’em?”
“Hmmm… oh, I know! Let’s run ’em! …see what happens–gotta be fun, right?”
“Kewl!”
(and thus a whole cottage industry was born–two actually: malware creators on one side, and AV folk (and everyone else) on the other side… “Kewl!” [yeah, right].)
Unless I am reading this wrong, this can also block web-fonts that aren’t trusted by Microsoft. If so, it seems like a challenge to Google Fonts.
Am I wrong?
It’s great to know my primary browser under Windows 10 is Chrome Version 48.0.2564.103 m as of yesterday. I assume the font benefit is there, although searching on “font” in Chrome Release notes for all current versions produced no hits.
In some way, this would cause some potentially undesired trouble to inexperienced and even advanced Photoshop users, as they often need some 3rd-party sources to create their work. Again, the user should scan the downloads via an up-to-date malware protection.
http://news.softpedia.com/news/vulnerability-in-font-processing-library-affects-linux-openoffice-firefox-500027.shtml