|Check Point Reference:||CPAI-2015-0207|
|Date Published:||10 Mar 2015|
|Last Updated:||30 Oct 2017|
|Source:||Microsoft Security Bulletin MS15-021|
|Protection Provided by:||
|Who is Vulnerable?|| Windows Server 2003|
Windows Server 2008
Windows Server 2008 R2
Windows 8 and Windows 8.1
Windows Server 2012 and Windows Server 2012 R2
Windows RT and Windows RT 8.1
Server Core installation
|Vulnerability Description||This protection will detect and block attempts to exploit this vulnerability.|
|Update/Patch Avaliable||Apply patches from: MS15-021|
An Information disclosure vulnerability has been reported in Microsoft Windows ATMFD Font Driver. The vulnerability is caused when the Font Driver tries to read or display certain fonts. A remote attacker can exploit this issue by enticing a user to open a specially crafted file.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update.For information on how to update IPS, go to SBP-2006-05, click on Protection tab and select the version of your choice.
This protection's log will contain the following information:
Attack Name: Content Protection Violation.
Attack Information: Microsoft Windows ATMFD Font Driver Information Disclosure (MS15-021: CVE-2015-0089)