In general, it is a very good idea to install the various Windows Updates released as “high priority”. Unfortunately you may find that some of these updates cause problems. Microsoft released one on December 11, 2012 that will make some of your fonts stop working.
This particular update is labeled as KB2753842 (described as security update for OpenType Compact Font Format). If you have not already installed this update, do not install it! In fact, you should tell Windows Update to hide it so you will never be asked to install it.
If you have already installed it (you’ll probably know because fonts have stopped working), go into Control Panel and uninstall it. In Windows 7, it is found in the “Programs and Features” control panel on the “Installed Updates” tab. You’ll probably see a lot of updates there so it may take a while to find this one. Just remember the name of “KB2753842” and you’ll find the exact one to uninstall.
So what is the problem with this update? While it claims to prevent certain rogue (infected) OpenType fonts from working, it will stop all PostScript Type 1 (PFB) and all OpenType fonts containing Type 1 data from working in applications such as CorelDRAW and QuarkXpress. There may be other programs affected as well. Since this update is so new, more data is coming available all the time.
Given the problems caused by this update, I’m going to guess Microsoft will release a different update in the future to address the security problems. Should you see a new update appear that claims to address OpenType security issues, proceed with caution until you know it is safe to install!
12/14/2012 Update: More information on this problem has been provided at More Details on Windows Update KB2753842 Breaking Some Fonts.
I would suggest uninstalling or not installing this update is a proceed at your own (computer’s) risk.
Mike
Mike, which is worse? Many users have reported a large number of their perfectly safe fonts have stopped working. Those users are therefore unable to finish design projects which can bring their business to a complete halt. I have thousands of fonts and have yet to see (or hear) of one that would trigger the security problems supposedly resolved by this update. If there is truly such a huge security risk, Microsoft needs to find a way to close the security hole without causing so many valid fonts to stop working.
Thanks for this info – I have a font that won’t show up properly now in CDraw, but shows up everywhere else. I’ll see if this fixes it. I was looking at having to switch the entire job over to InDesign. It’s only Gotham font, which has been around for ages.
Now all I need is to get Calendar Wizard updated as well…
🙂
I’m also seeing reports of this update causing problems with fonts in Adobe Flash CS6. At a much lower level is a Windows API call, GetGlyphOutline() that is behind the problem. When a program needs to access the curves of the fonts, this call fails to return the memory size. I have a feeling there are many more programs that are affected by this bug in the update.
It took me ages to find out it was a Windows update which stopped me converting fonts to paths! This was happening in Macromedia Freehand, Corel Draw. I also had problems printing to a PDF, it removed any OTF Open Type Fonts from showing in the document.
Hello Foster,
Which is worse? I dunno.
Which is worse in this scenario: You have uninstalled the update. You visit a web site using @fontface which has malicious code in it and your computer is rendered unusable until one cleans, restores or otherwise gets rid of the critter?
Point being, telling the entire world to remove the update without discussing the main 3 areas they could be at risk exposes them to possible harm in at least time, if not money.
I too am affected. For myself I chose to unplug from the internet, remove the update, make changes to some print work I had to get out, reinstall the update and plug back in.
From reading one MS response, I cannot see them making a “fix.” Maybe they can, maybe they cannot. For now MS is leaving the fix up to the software vendors. The cost to both software vendors and their customers is going to be enormous. Think the smaller vendors are going to patch back one, two or X number of versions? I don’t think so. Which means people who are running one, two or more versions behind will simply have to upgrade.
Illustrator and InDesign are not affected. They directly read fonts (if my understanding is correct) instead of using an API call. (Which is why AI is pretty intolerant to bad fonts.) So for now, work I began in other graphic and page layout applications are being moved into their respective Adobe applications (there is a couple exceptions, for instance PagePlus works fine as long as text effects/font outlines are not used).
Take care, Mike
Mike, your concern is “You visit a web site using @fontface…”
Again, I think the chances of that leading to infection are extremely slim. All I know is I have been been asked specifically about why fonts aren’t working by a large number of people and even more have been complaining in online forums for Adobe, Corel and Quark. Designers are dead in their tracks and not able to get jobs done.
Will there be another fix? Given the damage Microsoft has done to design software from big players, there will absolutely be another fix.
I stand by my advice that all users should uninstall this update until a proper update is released.
This is amazingly bad, reckless advice.
If you feel it is bad advice, you clearly aren’t affected by the problems. Designers are finding many of their fonts completely unusable after installing this update. The ONLY way to get work done is to uninstall it.
It isn’t reckless advice. If you can think of perils associated with following the advice, or you see other comments on here taht make you shake in your boots, exercise your democratic right to not follow it. I’ve just managed to fix my system by following Foster’s advice, and saved myself more hours of (unpaid) work than I really want to think about.
How do you explain to a client that you have to redo all their work because Microsoft has screwed up again and that you will have to take all of their work out of the software with which you (and they) are familiar, and put it in something else – that they don’t even have?
Thanks for the advice Foster, it saved my day.
We use XP Pro SP3. This update, KB2753842, does not display in “add/Remove” even with the “installed updates” checked as “ON”. When we look in Windows Update it shows we have indeed installed it. CorelDraw is screwed, Quark is screwed, WE ARE SCREWED. We have client jobs that we cannot work on thanks to this update.
HOW CAN WE GET RID OF IT, IF WE CANNOT SEE IT?
This is what I found Googling for XP:
Instructions
1
Click on the “Start” button, click on “Control Panel” and then double-click on the “Add/Remove Programs” icon.
2
Click the “Show Updates” check box at the top of the window and wait for the list of installed updates to appear.
3
Click on the update you wish to remove, click the “Remove” button and then restart your computer. The update is now successfully removed from your computer.
I found a utility that claims to remove XP updates. I don’t know anything about this utility and have no idea if it is legitimate or not. If you want to try it, it can be found at http://www.softpedia.com/get/System/System-Miscellaneous/Windows-XP-Update-Remover.shtml
If at all possible, try using the Control Panel method first. If there is a way to use a System Restore from before the update was installed, that is also a better solution.
Hello Foster,
MS may issue an update to the update. And they may not. The exploit relates to malicious code in PS encoded OT fonts. Fonts are executable code. Unfortunately, there is no firewall nor anti-virus software I am aware that can prevent that code from executing. Several years ago this happened to TT encoded fonts, too.
The issue goes beyond web sites with infected/affected fonts. How about downloading affected fonts from one of the zillion free font sites? Now, no designer worth their salt downloads freebie fonts, right? Much less do they download what are basically ripped off designs whether they are renamed or not.
Like I mentioned in my post. I needed to get some work done in an application that was hosed because of the update and what I did.
My only real point to the whole issue as presented on your site is you do not warn of the potential problems in carrying out your recommendation of not installing or uninstalling the update. Your article should have carried that side of the issue. That is, unless you do not believe MS would spend the time and effort to push out that update in the first place if there really wasn’t a security hazard.
I’ll refrain from posting here again.
Take care, Mike
Anonymous said: ‘For now MS is leaving the fix up to the software vendors’. Well apparently the font problem is affecting Powerpoint uses, too, and who is the software provider of Powerpoint? That’s right, Microsoft.
So a Microsoft update caused one of it’s own programs to malfunction, but it still swiftly passed responsibility for fixing the problem onto ‘software vendors’, leaving thousands of businesses with no other option than to uninstall the update to keep productivity flowing.
‘For now MS is leaving the fix up to the software vendors’
MS has broken their own API (http://msdn.microsoft.com/en-us/library/windows/desktop/dd144891(v=vs.85).aspx0), their own apps (such as PowerPoint) and – I can assure you – made folks over there @ Adobe, Corel, Quark & Co. immensely pissed off with this sloppy security job. Can also pretty firmly say that picking up the mess is upon MS, none of these will “fix” a “hotfixed” documented and widely used API to work around MS’s brainfart and piss-poor testing the hotfix has received.
Corel already pretty explicitely said they have notified MS of the screwup and do not consider this to be any fault of their products.
Lost an entire morning of work trying to find out why some fonts in Flash had stopped working, thanks microsoft.
Thank you – this ruined my day yesterday, but uninstalling the security fix saved me from ruining another day of troubleshooting and a plan to restore my computer to a backup from a week ago.
Yep, it messed up my ability to use certain fonts in Flash CS6 that are critical to a client project that needs completing. Lost at least 1 day of productivity getting to the root cause.
Thank you!!!! This was a life saver! Once again. . . .screwed by MS updates. Thank God for my Mac and VMWare!
Foster thank you for tip! I just removed the update and all fonts are working again. I was going nuts yesterday trying to figure out why the type 1 fonts werent working – security patch be damned! Livelihood vs MS Update … hmmm no brainer
I think we can count on a fix from Microsoft, and fairly quickly (even if the immediate “fix” is pulling the update out of the pipeline). They’re aware of the problem, and know that it’s affecting Office users, not just people who use other software.
As far as whether Foster’s advice is reckless or not, I’m on the side of “not”, personally. That’s just my opinion, of course, but FWIW, one of the first things I do to a new Windows install is let it update then turn updates off. Once in a while, when I’ve not heard any complaints about updates breaking stuff, I may turn Update loose. Most often not. Dangerous? I almost hesitate to say it out loud, but I’ve had one, count it, one virus problem in the time I’ve used Windows … since Windows 3. And that one problem was maybe ten years ago. Run decent AV, let IT update often, for sure, and don’t click on any damfool thing people send you. When in doubt, do it in a virtual machine or let Mac go there. Finally. Something the Etch-a-Sketch is GOOD for. 😉
This “update” affects Postscript-based fonts, right? Postscript was not invented by M$. I’ve during 25 years in this business never found M$ and Postscript going very well together. They grumble along, not as tight buddies, but roll about in a fight now and then.
/B
Thank you soooo much! I knew it was my Windows Update that was messing up my work in Flash CS5. The text was invisible while using anti-aliasing. Hopefully this will fix it!
Thanks !! Fixes the exact problem Danny Adams describe.
I spent hours of nightmare looking for the cause until I used system restore, which fixed it, and got the problem back after windows update !
[thumps chest] Got it one, Steve-o. 😉
MS has pulled the update. It’s no longer being offered, at least not until it can be fixed.
If you think you already have it but don’t see it in Control Panel, restart Windows, then check again. Sometimes updates don’t fully install until the restart, so won’t appear on the list right away.
Apparently MS doesn’t consider the possible threat entailed in removing the update to be as big a risk as the certainty of it’s messing up a lot of systems and costing people time/money.
Thanks for the update on the update Steve. I hope now everyone will understand that this update was every bit as bad as described.
“CorelDraw is screwed, Quark is screwed, WE ARE SCREWED. We have client jobs that we cannot work on thanks to this update.”
– So you patched every PC in your company, all at once, without any sort of testing. Yes, you are screwed.
Next time, use your brain. Every software company slips up from time to time and issues a patch or upgrade that has unintended consequences. Its not a matter of if this will happen, it is a matter of when.
Don’t upgrade your entire fleet at once, you’re not the fucking CIA, i’m sure your PC’s will be just fine if they aren’t upgraded for a week or so after a patch.
Did you do any testing before rolling it out?
If you are the sysadmin for your company, ask for some training in Change Management or at least do some research on the subject.
Thank you Foster so much for the info on this update.
I wasn’t aware I had this update until a font I am using on a client project quit working. I would never have realized the update was the cause without your help.
Thanks again.
Sandy Schuler
I have done a Restore, in fact I have done several retores. I even re-installed my CorelDraw. I did a search of the hard drive and deleted anything associated with KB2753842. My fonts have not come back. What can I do?
We can start with the absolute smallest piece of information. You didn’t save which operating system you are using? I’m going to guess it is Windows XP because so far the only users I’ve heard who have problem removing this update are XP users. As I’ve said several times in previous comments, I have no further advice as I don’t have an XP machine for testing and this update is no longer even available from Microsoft.
The only sure way I know would be to completely re-install the operating system which is a very drastic step. It would be nice if Microsoft would truly provide a tool that removes their horrible mistake.
I wrote in today’s blog that it is time to seriously consider getting rid of XP as the clock is ticking until it is dead. http://graphics-unleashed.unleash.com/2012/12/the-clock-is-ticking-on-windows-xp.html
Thank you for this, my fonts stopped working in my Photoshop CS6 this morning, when my computer did an update, and I was freaking out! I use it for work, so I appreciate the fix! Worked like a charm.
We are a design company whose fonts stopped working on 3 work stations. All saved files would not show the fonts used and we came to a halt..
After removing this update everything is back to normal.
Many thanks
I got lucky on this. One of our PC’s updated last week with this update and the font disappeared in Quarkxpress. I isolated the issue to that program and realized it only affected Adobe fonts when they were increased over 15 pts. I did everything from deleting preferences to re-installing the program. As I am in the process of re-installing Quarkxpress my employee happened to mention that he had an update message stating that he did not have security protection which I know is false. This raised a red flag to me. I went right to the security updates and deleted the very last security update. Boom, fonts are good to go. I was going to remove each one until I hit it but luckily the last one was the correct one. The pain was chasing this update before it installed on all of our computers. As I finished one, I got a call from another person saying ” I cannot see my fonts”
Here’s some details on script removal via Group Policy….
http://www.teamas.co.uk/2012/12/windows-security-update-kb2753842.html
Thank youuuu!
Thanks for the heads up on this! I spent half the day yesterday uninstalling and re-installing fonts thinking they were corrupt or something. Uninstalled the update, and they work fine now. My Photoprint rip software settings got cleared in this update, not sure what that was all about either.
msharing@msanda.net; Okay then, uninstall it. It’s a sad day when a font is exploitable. I choose to correct the opening for my customers as opposed to allowing the exploit. 🙂
On a Win7 x64bit uninstaling kb2753842 doesn’t help the problem with myriad pro in CorelDraw 12. Automatic update is turned off. Any idea?
This update was replaced within a week of its release with one that does work and it should NOT be uninstalled. I do not have any suggestions why one specific font is not working in CorelDRAW 12 (10 year old software). As CorelDRAW 12 is NOT supported on Windows 7, you really should consider upgrading.
I have x3 and a new computer with Win7 x64 and have uninstalled KB275842 and still have some opertype fonts not showing.
danstroh64
Do NOT uninstall this update now! It was replaced with a functional update. If you would like me to help, I need a lot more details than “I have X3 and some OpenType fonts are not showing”. What X3? Do you mean CorelDRAW X3? What EXACT fonts are not showing and where are they not showing? You also must realize that CorelDRAW X3 is NOT officially supported on Windows 7 so some things may not work.
Yes CorelDRAW X3, Beaufont and Audi and others, Audi is the main one I need. Should we consider up[grading?
danstroh64
dan@all-startrophy.com
Those font names are not familiar. Do they work in software other than CorelDRAW X3? One of the biggest changes with CorelDRAW X6 was full support of the character sets in OpenType fonts. You can read about this new feature and more at http://graphics-unleashed.unleash.com/2012/03/top-ten-reasons-to-upgrade-to-coreldraw.html . Yes, you should serious consider an upgrade. You are currently using software than is more than EIGHT years old!
for the past 2 nights my computer has done an automatic update. in the morning, everything on my computer is smaller! desktop icons, folders, fonts, email, everything!! can anyone tell me why? what to do? I keep having to restore to 3 days ago…
First, change your settings so that updates are NOT automatically installed. That will stop the update from installing again. Next, install each available update one-by-one so you can determine which update is the problem. Once you have determine which one is causing the problem, you can research why it is causing the problem and whether or not it is necessary.
My best guess is that it is a new video driver. You should NOT get updated video drivers from Microsoft, you should get them directly from the maker of your video card.
That said, “smaller” seems to indicate it is running your display at a higher resolution. If it is switching your display to the RIGHT RESOLUTION, it is a good thing even though you don’t like the results. You should NEVER run an LCD at anything other than its native resolution. What you can do is adjust other settings so that icons and other things look bigger.