Lucene search

K
mskbMicrosoftKB4056941
HistoryJan 03, 2018 - 8:00 a.m.

Description of the security update for the ATMFD.dll information disclosure vulnerability in Windows Server 2008: January 3, 2018

2018-01-0308:00:00
Microsoft
support.microsoft.com
98

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

5.9

Confidence

High

EPSS

0.001

Percentile

26.0%

Description of the security update for the ATMFD.dll information disclosure vulnerability in Windows Server 2008: January 3, 2018

Summary

An information disclosure vulnerability exists in Adobe Type Manager Font Driver (ATMFD.dll) when it fails to properly handle objects in memory. An attacker who successfully exploits the vulnerability could obtain information to enable the attacker to further compromise the user’s system.

To learn more about the vulnerabilities, go to the Security Update Guide.

More Information

Important

  • If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.

How to obtain and install the update

Method 1: Windows Update

This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see Windows Update: FAQ.

Method 2: Microsoft Update Catalog

To get the stand-alone package for this update, go to the Microsoft Update Catalog website.

More Information

File information The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight-saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.

Windows Server 2008 file information

Note: The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

How to obtain help and support for this security update

Help for installing updates: Windows Update: FAQ

Security solutions for IT professionals: TechNet Security Support and Troubleshooting

Help for protecting your Windows-based computer from viruses and malware: Microsoft Secure

Local support according to your country: International Support

File Information

File hash information

File name SHA1 hash SHA256 hash
Windows6.0-KB4056941-x86.msu FABF06DD517B6F1420D48D16FD6C800D3480F09E D1D60FF953D6F95F9B16C8728532D53EC1E65EEE8E4AFDC965079BE3CC4C12AD
Windows6.0-KB4056941-x64.msu 9E495136EA878A568464A047FA05A30CC612AEF1 5E8376AB4F8F318D69FE9460F4D668154B22D8EA8F98D3188230CA844DF476F7
Windows6.0-KB4056941-ia64.msu 9B2503B3FEE2985D39188FB446900D6657707707 A04EC1E7CB2481B86217516BE88DF45650B4E8D275BE149358BD0DA22F2634EC

For all supported x86-based versions

File name File version File size Date Time Platform
Atmfd.dll 5.1.2.253 306,920 13-Dec-2017 15:49 x86
Atmlib.dll 5.1.2.253 34,304 13-Dec-2017 15:45 x86
Dciman32.dll 6.0.6002.24262 10,240 13-Dec-2017 15:45 x86
Fontsub.dll 6.0.6002.24262 72,704 13-Dec-2017 15:45 x86
Lpk.dll 6.0.6002.24262 23,552 13-Dec-2017 15:45 x86

For all supported x64-based versions

File name File version File size Date Time Platform
Atmfd.dll 5.1.2.253 384,232 13-Dec-2017 15:41 x64
Atmlib.dll 5.1.2.253 48,128 13-Dec-2017 15:34 x64
Dciman32.dll 6.0.6002.24262 14,336 13-Dec-2017 15:34 x64
Fontsub.dll 6.0.6002.24262 96,256 13-Dec-2017 15:34 x64
Lpk.dll 6.0.6002.24262 32,768 13-Dec-2017 15:34 x64
Atmfd.dll 5.1.2.253 306,920 13-Dec-2017 15:49 x86
Atmlib.dll 5.1.2.253 34,304 13-Dec-2017 15:45 x86
Dciman32.dll 6.0.6002.24262 10,240 13-Dec-2017 15:45 x86
Fontsub.dll 6.0.6002.24262 72,704 13-Dec-2017 15:45 x86
Lpk.dll 6.0.6002.24262 23,552 13-Dec-2017 15:45 x86

For all supported ia64-based versions

File name File version File size Date Time Platform
Atmfd.dll 5.1.2.253 795,368 13-Dec-2017 15:28 IA-64
Atmlib.dll 5.1.2.253 92,160 13-Dec-2017 15:22 IA-64
Dciman32.dll 6.0.6002.24262 29,184 13-Dec-2017 15:22 IA-64
Fontsub.dll 6.0.6002.24262 196,096 13-Dec-2017 15:22 IA-64
Lpk.dll 6.0.6002.24262 68,608 13-Dec-2017 15:22 IA-64
Atmfd.dll 5.1.2.253 306,920 13-Dec-2017 15:49 x86
Atmlib.dll 5.1.2.253 34,304 13-Dec-2017 15:45 x86
Dciman32.dll 6.0.6002.24262 10,240 13-Dec-2017 15:45 x86
Fontsub.dll 6.0.6002.24262 72,704 13-Dec-2017 15:45 x86
Lpk.dll 6.0.6002.24262 23,552 13-Dec-2017 15:45 x86

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

5.9

Confidence

High

EPSS

0.001

Percentile

26.0%