A Google Project Zero researcher has publicly disclosed details on a number of patched Adobe and Microsoft vulnerabilities, including one in the Adobe Type Manager Font Driver. The researcher pointed the finger at how CharStrings are handled as the principal culprit, in particular the quality of its interpreter function in ATMFD.dll. ATMFD has supported Type 1 and OpenType fonts in the Windows kernel dating back to NT 4.0. The bug could enable an attacker to chain together exploits that result in full system compromise using just one vulnerability.
Source: https://threatpost.com/details-available-on-patched-adobe-windows-font-vulnerabilities/113454/