Microsoft normally restricts its Windows updates to a monthly Patch Tuesday. So when the company pushes a critical update on a Monday, it’s a good sign that shit is hitting the fan.


The security update applies to all versions of Windows since Vista, and fixes a rather gaping hole in the security: thanks to a bug in the way Windows handles custom fonts, a hacker could use a custom font on a webpage (or document, for that matter) to remotely execute code on your PC. In other words: visit one untrusted website with a weird font, and a malicious hacker could run code on your machine. Not surprisingly, Microsoft labelled this bug as Critical, its highest level of fuck-up.

The fix is available now through Windows Update, and does require a restart.

[Microsoft via ComputerWorld]