The 2016 Pwnie Nominee For Best Client-Side Bug

MS15-078 OpenType Font Driver Vulnerability (CVE-2015-2426)

Credit: Mateusz ‘j00ru’ Jurczyk

A well-known regular in this category, Mateusz ‘j00ru’ Jurczyk, has dedicated his life to eradicating every last font bug in Windows and Adobe’s software. Over the last year, he tasked Google’s SkyNet with fuzzing Windows’ font handling. In doing so, they found and reported bug collisions with vulnerabilities used by Hacking Team and Keen Team to win Pwn2Own 2015. This just goes to show that if you are hoarding fuzzable 0day in an attack surface that Google decides to fuzz, your 0day is a dead bug walking. They have more CPU cores than you ever will and they aren’t afraid to use them. If you’re holding onto a Windows font bug that their fuzzing didn’t find and kill, we recommend making your way to the nearest casino.
