vulnerability
Microsoft Windows: CVE-2016-7256: Microsoft Graphics Remote Code Execution Vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:M/Au:N/C:C/I:C/A:C) | Nov 10, 2016 | Jun 10, 2024 | May 8, 2026 |
Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
Nov 10, 2016
Added
Jun 10, 2024
Modified
May 8, 2026
Description
atmfd.dll in the Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, aka "Open Type Font Remote Code Execution Vulnerability."
Solutions
microsoft-windows-windows_10-1507-kb3198585microsoft-windows-windows_10-1511-kb3198586microsoft-windows-windows_10-1607-kb3200970microsoft-windows-windows_server_2016-1607-kb3200970
References
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.