Security update for the Express Compressed Fonts remote code execution vulnerability in Windows Server 2008: August 8, 2017

Summary

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploits this vulnerability would gain code execution on the target system. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The security update addresses the vulnerability by correcting how the Windows font library handles embedded fonts.

To learn more about the vulnerability, go to CVE-2017-8691. To learn more, see the Security Update Guide.

More Information

Important

  • If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.

How to obtain and install the update

Method 1: Windows Update

This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see Windows Update: FAQ.

Method 2: Microsoft Update Catalog

To get the stand-alone package for this update, go to the Microsoft Update Catalog website.

Deployment information

For deployment details for this security update, go to the following article in the Microsoft Knowledge Base:

Security update deployment information: August 8, 2017

More Information


File information

The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight-saving time (DST) bias. Additionally, the dates and the times may change when you perform certain operations on the files.

Windows Server 2008 file information

Note: The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

How to obtain help and support for this security update

Help for installing updates: Windows Update: FAQ

Security solutions for IT professionals: TechNet Security Support and Troubleshooting

Help for protecting your Windows-based computer from viruses and malware: Microsoft Secure

Local support according to your country: International Support

File Information

File hash information

File name

SHA1 hash

SHA256 hash

Windows6.0-KB4035056-ia64.msu

17DBC5496B8E307D70D0ADB2312FC7EE3A7743CE

7739ECBB3CB16210A4F960C9FB914E211B81BB19A8A944AF2ADAE6EF1E9BEF53

Windows6.0-KB4035056-x86.msu

B6E4C2E5037FE048EC13ADBC8206AF89E19780BB

77C4F3B5E6825DAA55063C8EC76705F6906E7E59B0AC1D8857732DDAA148FD31

Windows6.0-KB4035056-x64.msu

126CBD9D8BA761A6CF0F98FFE317C6C092838B46

9CFB6DAFD25C31BDCEC4F544709DD9DA74F7E9F26A7EAA8B10315E79491C5B31

For all supported ia64-based versions

File name

File version

File size

Date

Time

Platform

T2embed.dll

6.0.6002.19834

402,432

07-Jul-2017

21:51

IA-64

T2embed.dll

6.0.6002.24154

402,432

07-Jul-2017

22:10

IA-64

T2embed.dll

6.0.6002.19834

157,696

07-Jul-2017

21:57

x86

T2embed.dll

6.0.6002.24154

157,696

07-Jul-2017

22:12

x86

For all supported x86-based versions

File name

File version

File size

Date

Time

Platform

T2embed.dll

6.0.6002.19834

157,696

07-Jul-2017

21:57

x86

T2embed.dll

6.0.6002.24154

157,696

07-Jul-2017

22:12

x86

For all supported x64-based versions

File name

File version

File size

Date

Time

Platform

T2embed.dll

6.0.6002.19834

190,464

07-Jul-2017

22:23

x64

T2embed.dll

6.0.6002.24154

190,464

07-Jul-2017

22:44

x64

T2embed.dll

6.0.6002.19834

157,696

07-Jul-2017

21:57

x86

T2embed.dll

6.0.6002.24154

157,696

07-Jul-2017

22:12

x86

Need more help?

Expand your skills
Explore Training
Get new features first
Join Microsoft Insiders

Was this information helpful?

Thank you for your feedback!

Thank you for your feedback! It sounds like it might be helpful to connect you to one of our Office support agents.

×