<< Back
CVE Number Vulnerability Product Severity Date
MS14-036 Vulnerabilities in Microsoft Graphics Component Could Allow Remote Code Execution (2967487) Windows Server Critical 11-06-2014

Technical Information

Brief overview of the risk:
This security update resolves two privately reported vulnerabilities in Microsoft Windows, Microsoft Office, and Microsoft Lync. The vulnerabilities could allow remote code execution if a user opens a specially crafted file or webpage.
Detailed Information on the risk:

A remote code execution vulnerability exists in the way that affected components handle specially crafted font files. The vulnerability could allow remote code execution if a user opens a specially crafted file or webpage. An attacker who successfully exploited this vulnerability could take complete control of an affected system.


Further information on this exploit is available at : MS14-036

Affected Software

Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems
Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
Windows 8 for 32-bit Systems
Windows 8 for x64-based Systems
Windows 8.1 for 32-bit Systems
Windows 8.1 for x64-based Systems
Windows Server 2012
Windows Server 2012 R2
Windows RT
Windows RT 8.1
Microsoft Office 2007 Service Pack 3
Microsoft Office 2010 Service Pack 1
Microsoft Office 2010 Service Pack 2
Microsoft Live Meeting 2007 Console
Microsoft Lync 2010
Microsoft Lync 2010 Attendee
Microsoft Lync 2013
Microsoft Lync 2013 Service Pack 1
Microsoft Lync Basic 2013
Microsoft Lync Basic 2013 Service Pack 1
Microsoft Lync Basic 2013 Service Pack 1 (64-bit)
Microsoft Lync Basic 2013 (64-bit)
Microsoft Lync 2013 Service Pack 1 (64-bit)
Microsoft Lync 2013 (64-bit)
Microsoft Lync Basic 2013 Service Pack 1 (32-bit)
Microsoft Lync 2013 Service Pack 1 (32-bit)
Microsoft Lync 2013 (32-bit)
Microsoft Lync 2010 (64-bit)
Microsoft Lync 2010 (32-bit)