Patch Tuesday security bulletins called attention to vulnerabilities in the Windows kernel s font-processing engine. Font-parsing vulnerabilities weren t part of the security consciousness much until the discovery of Duqu at the end of 2011. Every single Patch Tuesday release from Microsoft going back to last October has included patches for kernel bugs, including some being actively exploited in the wild. The July Patch Tuesday updates released this week were particularly noteworthy with three separate bulletins addressing vulnerabilities in seven different Microsoft products affected by the same TrueType flaw.
Source: https://threatpost.com/of-truetype-font-vulnerabilities-and-the-windows-kernel/101263/