The vulnerabilities stem from a printer virtualization feature that allows a virtual machine’s guest OS to access the printer attached to the host computer. An attacker with access to the guest OS can send EMFSPOOL and EMF files to the virtual COM1 serial port in order to exploit various vulnerabilities in the printer proxy process running on the host OS. Some of the vulnerabilities can also be used to perform a denial-of-service attack against the Windows OS that runs the vulnerable software. The flaws were discovered by Kostya Kortchinsky of the Google Security Team.”]