There were reports that vulnerabilities in the Windows Embedded OpenType (EOT) Font Engine could allow remote code execution. A remote user can cause arbitrary code to be executed on the target user’s system. Same thing from my older post regarding remote code execution, some specially crafted fonts can execute codes and attack security policy on your workstations.

Read more