Questions tagged [font]

I got curious about how to scan or assess the risk of a particular font file before deploying it to hosts. First line of defense, of course, is to make sure that our hosts are patched against any TrueType font vulnerabilities. I read the excellent…

There are cases of fonts being used for exploiting vulnerabilities (for ex: ThreatPost, SecureList and F-Secure). My question is if you ever get hands on such a font, how do you know that it is malicious?

This is obviously not from PayPal, but the font in the word account displayed using odd looking font, is this a security risk to me that Outlook.com displayed this font? See below, Outlook has preview text enabled as default