win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 Gold and SP1, and Windows 8 allows local users to cause a denial of service (reboot) via a crafted OpenType font, aka "OpenType Font Parsing Vulnerability" or "Win32k Font Parsing Vulnerability." Per: http://technet.microsoft.com/en-us/security/bulletin/ms13-036
"How could an attacker exploit the vulnerability?
There are multiple means that could allow an attacker to exploit this vulnerability.
In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit this vulnerability and then convince a user to view the website. An attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email message or in an Instant Messenger message that takes users to the attacker's website, or by opening an attachment sent through email.
In a file sharing attack scenario, an attacker could provide a specially crafted document that is designed to exploit this vulnerability, and then convince a user to open the document.
In a local attack scenario, an attacker could also exploit this vulnerability by running a specially crafted application. However, the attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability in this scenario."
Publication date: Wed, 10 Apr 2013 03:55:00 +0000