1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar

Vulnerability protection

Windows kernel-mode drivers vulnerability could allow denial of service

Report ID: MS201111002
Date Published: 10 November 2011

Criticality: Moderate
Compromise Type: denial-of-service
Compromise From: remote

Affected Product/Component:

Windows XP
Windows Server 2003
Windows Vista
Windows Server 2008


A vulnerability in the Windows kernel, involving TrueType font parsing, could allow an attacker to cause an affected system to stop responding and restart. 

Detailed Description

Microsoft has issued a security update to patch a vulnerability that exists in the Windows kernel. The vulnerability is caused by insufficient validation on an array index when Windows kernel-mode drivers load a TrueType font file. Upon successful exploit, an attacker could cause the target system to stop responding and restart.

This vulnerability has been addressed in the latest security update, which ensures that array indexes are properly validated when loading TrueType font files. Users are recommended to install this update to protect their system from potential exploit.

CVE Reference



Install the latest security patch for applicable system, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms11-084)

Online Virus Scanner

Run a quick online virus scan of your computer.