Microsoft Releases Out of Band Critical Update
Yesterday evening, July 20th 2015, Microsoft released one of its relatively rare out of band critical updates. This update patches a vulnerability which could allow for the execution of remote code on a “specially crafted document” or by visiting an “untrusted webpage that contains OpenType fonts.”
Microsoft is generally in the habit of combining all of its required patches into a single patching event and releasing them on the second Tuesday of each month. The fact that they elected to go outside of this predictable cycle tends to suggest that the impact of the vulnerability is quite severe.
This vulnerability impacts every supported version of Windows and should be addressed prior to the next Windows “Patch Tuesday” on August 11th.