In its advisory note about the vulnerability, Microsoft said the bug was being talked about online but had no information "to indicate this vulnerability had been used to attack customers". However, it said, its own research had shown that attackers exploiting it could "take complete control" of a vulnerable system. Windows users could fall victim to attackers who booby-trapped websites with exploit code or were tricked into opening a malicious email attachment. The vulnerability has been found in Windows 7, 8 and RT as well as older versions such as Vista, Server 2008 and Server 2012. Microsoft said it was tipped off about the bug by security researchers from security companies FireEye and Trend Micro as well as experts from Google's Project Zero that seeks out unknown loopholes in code. The patch comes less than a week after Microsoft closed another loophole in the same font-handling system. That separate hole came to light following a hack attack on a security company called the Hacking Team. The attack involved the theft of hundreds of megabytes of documents that, among other things, exposed software bugs it had been planning to exploit for its own ends. 21 July 2015 http://www.bbc.com/news/technology-33608364
