The edition of Microsoft Patch Tuesday released yesterday brought a highly critical vulnerability found and described by Hossein Lotfi from Secunia Research at Flexera Software. The vulnerability is in a core component of all supported versions of Microsoft Windows operating systems, the so-called Unicode Scripts Processor that is enclosed in the operating system. Because of its nature, the vulnerability is typically exploited, for example, via web browsing and document exchange, where opening a specially crafted web page or document may unfold the malicious intent. For that reason, patching this vulnerability as soon as possible is the most effective way to protect machines against exploitation, and avoid the risk it represents for both private users and businesses.

A Q&A with Hossein on this vulnerability is given below:

Flexera Software: Does this vulnerability have a nickname?

Hossein: No. Feel free to call it “Dirty Font”, “Ugly USP”, or …

Flexera Software: Any t-shirt?

Hossein: Not yet!

Flexera Software: What is your opinion on the “Marketing” of vulnerabilities?

