CVE-2020-0687: 
vulnerability analysis and mitigation

A remote code execution vulnerability (CVE-2020-0687) exists in the Windows font library when it improperly handles specially crafted embedded fonts. This vulnerability, also known as 'Microsoft Graphics Remote Code Execution Vulnerability', was disclosed and patched in April 2020 as part of Microsoft's Patch Tuesday updates (Talos Blog, NVD).

The vulnerability resides in the way the Windows font library handles embedded fonts stored in memory. The flaw allows attackers to execute arbitrary code through specially crafted embedded fonts. This vulnerability was rated as critical by Microsoft and was included among 19 critical vulnerabilities addressed in the April 2020 security updates (Talos Blog).

If successfully exploited, this vulnerability would allow an attacker to gain complete control of the affected machine. The attacker could then install new programs, manipulate data, and create new user accounts with full user rights (Talos Blog).

Microsoft addressed this vulnerability in their April 2020 Patch Tuesday security updates. Users and system administrators are advised to apply the security updates to affected systems to mitigate this vulnerability (NVD).