Vulnerability in Microsoft font driver could allow remote code execution. This vulnerability requires immediate remediation (16 July 2015).
Microsoft patch MS 15-078 addresses a serious security flaw found in the way Windows products read certain types of fonts.
An attacker can send you an office document or ask you to visit a specific web page with a specific font being used. The attack is straight forward and simple to execute, and for that reason it is highly important to patch immediately.
The attack is possible because it focuses on the Windows Adobe Type Manager Library and the way it deals with OpenType fonts, allowing Remote Code Execution.
Please note that this vulnerability affects all modern versions of Windows. Also, if you install a language pack after you install this update, you must reinstall this update. Therefore, install any language packs that you need before you install this update. For more information, see Add language packs to Windows.