Member Tho… Posted December 13, 2012 Share Posted December 13, 2012 This topic was imported from the Typophile platform If you use OpenType fonts with PS outlines (.otf) or PostScript Type 1 fonts, reportedly the latest Windows update is a bit dangerous. Read this before you decide to install! http://graphics-unleashed.unleash.com/2012/12/windows-update-kb2753842-w... NOTE: I have not verified this in person, as I don't use Corel or Quark apps. I also don't yet know whether any other major apps may be affected. Link to comment
Member mar… Posted December 13, 2012 Share Posted December 13, 2012 Thanks for the link, Thomas. A number of my PC-using colleagues complained today that their Powerpoint presentations no longer properly display our OpenType corporate font. Link to comment
Member J.… Posted December 13, 2012 Share Posted December 13, 2012 Problems all over... Serif Page Plus forms:http://forums.serif.com/showthread.php?t=124785 Adobe forums:http://forums.adobe.com/message/4917852 Microsoft forums:http://answers.microsoft.com/en-us/windows/forum/windows_7-windows_updat... Microsoft screwed up and they need to fix this! Link to comment
Member Jam… Posted December 13, 2012 Share Posted December 13, 2012 Thanks for the warning. I use a Mac but I'm passing the message along to some clients who use PCs to view files I send them such as PowerPoints. Link to comment
Member Tho… Posted December 13, 2012 Author Share Posted December 13, 2012 Apparently PowerPoint is affected in presentation mode only. Extra dangerous as one could not know there was a problem until trying to actually present. Ouch. Link to comment
Member J.… Posted December 14, 2012 Share Posted December 14, 2012 Article at Infoworld, but no comment from Microsoft yet.http://www.infoworld.com/t/microsoft-windows/buggy-microsoft-patch-causi... Link to comment
Member Tho… Posted December 14, 2012 Author Share Posted December 14, 2012 This also affects Flash authoring, and the Flexi sign design app, it seems. Link to comment
Member Zuh… Posted December 15, 2012 Share Posted December 15, 2012 Thank you Thomas. I spend my whole day to correct the problem, uninstalled and installed several things. Just came across your this thread and knew the reason of the problem. My all documents formatting appeared to be destroyed in MS Word 2010. After reading this I also uninstalled all the updates along with the above mentioned one and re-installed the MS Word 2010 but in vain. I have to wait a few days and see if Microsoft releases any fix. The other way is to re-install Windows XP and every thing, quite a long work. MZ, Link to comment
Member Tho… Posted December 16, 2012 Author Share Posted December 16, 2012 All the details in my blog post:http://www.thomasphinney.com/2012/12/windows-security-patch/ Known affected apps, how to uninstall, how to avoid installation, etc. Link to comment
Member qua… Posted December 17, 2012 Share Posted December 17, 2012 The story has finally hit the Reg: http://www.theregister.co.uk/2012/12/17/windows_security_update_kills_fonts/ Link to comment
Member rus… Posted December 17, 2012 Share Posted December 17, 2012 Important question, I suppose: Is the use of fonts as a vector for distributing malware and viruses more than a theoretical issue? Link to comment
Member Nic… Posted December 17, 2012 Share Posted December 17, 2012 I’m planning to release my next typeface in .ttf format only, rather than .otf—for issues concerning screen rendering—this news suggest another reason. Link to comment
Member Rya… Posted December 17, 2012 Share Posted December 17, 2012 Interesting, Nick. Link to comment
Member gar… Posted December 18, 2012 Share Posted December 18, 2012 Bear in mind, this isn't the first Windows update to fix security bugs in its font-handling code, apparently it's just the first one to break functionality. And from what I can gather, this latest vulnerability affects TrueType fonts as well; the update only breaks OTF fonts since they typically use a different system rasterizer and API call. But the overall threat does seem more serious now that every major browser supports webfonts, so simply visiting a website could load a malicious font. Link to comment
Member phr… Posted December 18, 2012 Share Posted December 18, 2012 So what, if anything, is Microsoft doing about the issue. Are they wanting sales in Apple products to increase? Link to comment
Member dbe… Posted December 18, 2012 Share Posted December 18, 2012 "I’m planning to release my next typeface in .ttf format only, rather than .otf—for issues concerning screen rendering—..." Nick, I think that's trowing the baby out wit da bat water. I'm sure they'll fix it soon, with the main reason to support .otf on windows being issues concerning screen rendering of .ttfs. These font security patches sure are important to keep us all safe from malicious fonts. Link to comment
Member rus… Posted December 20, 2012 Share Posted December 20, 2012 anyone from Microsoft who can comment? .... Nevermind . All better. Thanks Thomas Link to comment
Member Tho… Posted December 29, 2012 Author Share Posted December 29, 2012 Yes, all fixed now. Microsoft jumped on it fairly quickly. Nine days from release of bad patch to release of fixed patch. Link to comment
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now