Updated 11-9-2011: Microsoft Windows win32k.sys TrueType Font Parsing Vulnerability

*update 11-9-2011: An IPS rule has been put in place to block all external attempts to exploit this vulnerability. There is still a potential threat if a host on Purdue's network is infected with the Duqu worm, but all external threats have been mitigated.

A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused by an error within the Win32k kernel-mode driver (win32k.sys) when parsing TrueType fonts.

Successful exploitation allows execution of arbitrary code.

More information can be found in the original advisory: Microsoft (KB2639658)

http://technet.microsoft.com/en-us/security/advisory/2639658

Posted by Curt Jansen on November 04, 2011, in Handlers Log.