Skip to main content


Font Directory Entry Parsing Vulnerability In win32k.sys

Tuesday, November 10, 2009

MS09-065 addresses a vulnerability (CVE-2009-2514) in the font parsing subsystem of win32k.sys. If not addressed, this vulnerability could allow an attacker to bluescreen (DoS) the machine (best case scenario) or run code of his/her choice, possibly in the context of the kernel (worst case scenario). In this blog entry, I’ll attempt to answer a few questions regarding the vulnerability addressed in this month’s win32k.