HomeForumsGeneral Discussions

WINDOWS UPDATE breaks Quark, Corel, who knows what else?

Thomas Phinney's picture
Posted by Thomas Phinney in
13 Dec 2012 — 2:59pm

If you use OpenType fonts with PS outlines (.otf) or PostScript Type 1 fonts, reportedly the latest Windows update is a bit dangerous. Read this before you decide to install!

http://graphics-unleashed.unleash.com/2012/12/windows-update-kb2753842-w...

NOTE: I have not verified this in person, as I don't use Corel or Quark apps. I also don't yet know whether any other major apps may be affected.

marcox
13 Dec 2012 — 3:27pm
marcox's picture

Thanks for the link, Thomas. A number of my PC-using colleagues complained today that their Powerpoint presentations no longer properly display our OpenType corporate font.

J. Tillman
13 Dec 2012 — 4:23pm
J. Tillman's picture

Problems all over...
Serif Page Plus forms:
http://forums.serif.com/showthread.php?t=124785
Adobe forums:
http://forums.adobe.com/message/4917852
Microsoft forums:
http://answers.microsoft.com/en-us/windows/forum/windows_7-windows_updat...

Microsoft screwed up and they need to fix this!

JamesM
13 Dec 2012 — 7:08pm
JamesM's picture

Thanks for the warning. I use a Mac but I'm passing the message along to some clients who use PCs to view files I send them such as PowerPoints.

Thomas Phinney
13 Dec 2012 — 8:14pm
Thomas Phinney's picture

Apparently PowerPoint is affected in presentation mode only. Extra dangerous as one could not know there was a problem until trying to actually present. Ouch.

JamesM
13 Dec 2012 — 9:20pm
JamesM's picture

Yikes.

J. Tillman
14 Dec 2012 — 9:53am
J. Tillman's picture

Article at Infoworld, but no comment from Microsoft yet.
http://www.infoworld.com/t/microsoft-windows/buggy-microsoft-patch-causi...

Thomas Phinney
14 Dec 2012 — 1:43pm
Thomas Phinney's picture

This also affects Flash authoring, and the Flexi sign design app, it seems.

Zuhair Albazi
15 Dec 2012 — 9:51am
Zuhair Albazi's picture

Thank you Thomas.
I spend my whole day to correct the problem, uninstalled and installed several things. Just came across your this thread and knew the reason of the problem. My all documents formatting appeared to be destroyed in MS Word 2010.
After reading this I also uninstalled all the updates along with the above mentioned one and re-installed the MS Word 2010 but in vain.
I have to wait a few days and see if Microsoft releases any fix. The other way is to re-install Windows XP and every thing, quite a long work.
MZ,

Thomas Phinney
16 Dec 2012 — 6:08pm
Thomas Phinney's picture

All the details in my blog post:
http://www.thomasphinney.com/2012/12/windows-security-patch/

Known affected apps, how to uninstall, how to avoid installation, etc.

quadibloc
17 Dec 2012 — 5:25am
quadibloc's picture

The story has finally hit the Reg:

http://www.theregister.co.uk/2012/12/17/windows_security_update_kills_fonts/

russellm
17 Dec 2012 — 11:16am
russellm's picture

Important question, I suppose: Is the use of fonts as a vector for distributing malware and viruses more than a theoretical issue?

Nick Shinn
17 Dec 2012 — 12:31pm
Nick Shinn's picture

I’m planning to release my next typeface in .ttf format only, rather than .otf—for issues concerning screen rendering—this news suggest another reason.

Ryan Maelhorn
17 Dec 2012 — 5:53pm
Ryan Maelhorn's picture

Interesting, Nick.

phrostbyte64
18 Dec 2012 — 6:34am
phrostbyte64's picture

So what, if anything, is Microsoft doing about the issue. Are they wanting sales in Apple products to increase?

gargoyle
18 Dec 2012 — 3:48am
gargoyle's picture

Bear in mind, this isn't the first Windows update to fix security bugs in its font-handling code, apparently it's just the first one to break functionality. And from what I can gather, this latest vulnerability affects TrueType fonts as well; the update only breaks OTF fonts since they typically use a different system rasterizer and API call. But the overall threat does seem more serious now that every major browser supports webfonts, so simply visiting a website could load a malicious font.

bbg
18 Dec 2012 — 8:11am
bbg's picture

"I’m planning to release my next typeface in .ttf format only, rather than .otf—for issues concerning screen rendering—..."

Nick, I think that's trowing the baby out wit da bat water. I'm sure they'll fix it soon, with the main reason to support .otf on windows being issues concerning screen rendering of .ttfs.

These font security patches sure are important to keep us all safe from malicious fonts.

J Weltin
18 Dec 2012 — 12:40pm
J Weltin's picture

{…}

russellm
20 Dec 2012 — 6:47pm
russellm's picture

anyone from Microsoft who can comment?

.... Nevermind . All better.

Thanks Thomas

Thomas Phinney
29 Dec 2012 — 11:38am
Thomas Phinney's picture

Yes, all fixed now. Microsoft jumped on it fairly quickly. Nine days from release of bad patch to release of fixed patch.

Syndicate content Syndicate content