Windows Security Alert: Update Now
A bug in Microsoft’s fonts implementation has created a situation where a skilled hacker is able to gain full access to a Windows PC simply by loading a font onto the machine. This escalation can be most shockingly be conducted by a custom font on a website.
The security update addresses the vulnerability by correcting how the Windows Adobe Type Manager Library handles OpenType fonts. For more information about the vulnerability, see the Vulnerability Information section. – Security Advisement
This is a crucial security vulnerability for all Windows users and they should patch their system now, not later, or otherwise stop browsing the Internet. Large organizations using the operating system could be at risk if any member of their organization clicks a phishing link, which could even be a spoof of a normal website the user accesses, but backed with a modified font that contains the malware.
Also read: No Browser Is Secure
No word yet on whether or not this exploit has been utilized in a notable way. You can update your system in its settings, and you can find more information on this vulnerability here.