Looking for exciting new fonts for your website, app, or merch design can be an enjoyable part of branding. You go onto what you assume is a trusted font website, download a font file and open it up on your device. You’re not expecting a virus to unleash onto your hard drive the second you open the file.
Font files can carry malicious content. A font is a data file, not a program, so it cannot run on its own; the risk is that a deliberately malformed font can trigger a memory-safety bug in the software that parses and rasterizes it, and several such bugs have allowed remote code execution. On Windows, font parsing historically ran inside a kernel-mode driver, so a successful exploit ran with kernel privileges rather than those of the application displaying the text. Genuine executables passed off as fonts are a separate and much rarer problem.
Luckily, there are ways to protect yourself and your devices from these attacks. Keep reading for specific instances of font files being used to exploit the software that parses them, followed by the precautions that actually help.
Various forums on the internet have posts from Windows or macOS users claiming their devices malfunctioned after extracting or installing a font file. Such cases are rare, and most replies rightly point out that fonts are ordinarily safe, but there are documented instances where fonts have caused real harm.
TrueType, a common font file format, includes hinting instructions that run while glyphs are rendered. Hinting is a small bytecode language executed by a virtual machine inside the font rasterizer, so a crafted font can feed that interpreter, and the parser around it, input designed to trigger bugs. In 2015 Microsoft patched such a vulnerability in a Windows kernel-mode driver that mishandled TrueType fonts, and acknowledged that an attacker could use it for remote code execution, for example by embedding the font in a document or a web page. Because the parsing happened in kernel mode, a successful exploit gave the attacker kernel-level control of the machine.
Another instance was Microsoft's 2021 fix for an OpenType font parsing vulnerability. The flaw stemmed from improper input validation, and Microsoft acknowledged that an attacker could supply a specially crafted font that would execute arbitrary code on the targeted device when it was parsed.
These examples may cause you to second-guess downloading fonts or doubt programs with native fonts, but there are precautions you can take to protect yourself and your device as best as possible.
While you may not be able to avoid every phishing attempt or malicious file that reaches your device, you can learn what to avoid and lessen the chances. As long as there are scammers and attackers, there will be attempts to exploit your device and your information. A few precautions give you the peace of mind to use your devices without fear.
1. Download Malware Protection and Antivirus Software
Antivirus and anti-malware products overlap heavily, and most modern suites combine both; what matters is real-time protection that scans files as they are written to disk, regular full scans, and letting the software quarantine what it finds. Keep in mind that a signature-based scanner only catches fonts it already knows to be malicious, so the primary defense against the parser vulnerabilities described above is keeping the operating system, browser, and applications patched. Both Windows examples above were fixed by updates.
If you have doubts about a font file you just downloaded, scan it before installing it. Also make sure a firewall is enabled. A firewall is a barrier between your computer and an outside network such as the internet, and it blocks unsolicited inbound connections. It cannot, however, inspect a font you download or one embedded in a web page you visit, so it does not stop a malicious font from reaching the parser. Treat it as one layer of defense, not as protection against font exploits.
2. Use Trusted Font Sites
Many online resources, including forums, list well-known font sites. If you've never heard of a site, or it doesn't look legitimate, get the font elsewhere; where possible, download from the foundry's or the designer's own page. Numerous sites offer fonts for free, but always check the license. Don't just take the first search result; a little research protects your device.
If you need fonts for your business or a personal project, like a newsletter or product, you can always use a design program or website with native fonts that can be trusted, like placeit.net or canva.com.
3. Do Not Download Executable Font Files
Most font files are not executable, so they cannot run on their own; a virus has to be executed to get into your system. That does not make them harmless, since a crafted font can still exploit a bug in the parser, as the examples above show, but it does mean a fully patched system has far less to fear from them. The most common font file formats are TrueType (TTF), OpenType (OTF), Web Open Font Format (WOFF and WOFF2), and PostScript Type 1 (PFB/PFA). When in doubt, stick with these formats and keep the software that renders them up to date.
If you come across an executable file passed off as a font, there is a real chance it contains something you don't want on your device. The extension is the first clue: EXE or APP, or no extension at all on Unix-like systems. Be aware that Windows hides known extensions by default, so a file named Font.ttf.exe is displayed as Font.ttf; turn that option off in File Explorer. The extension is only a label, though. The file's first bytes reveal its real type: a TrueType font begins with the bytes 00 01 00 00 or the text "true", a CFF-based OpenType font with "OTTO", WOFF with "wOFF", WOFF2 with "wOF2", and a Windows executable with "MZ". A file that claims to be a font but starts with "MZ" is an executable, whatever it is called.
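Two of the points in this article, that TrueType fonts carry hinting bytecode which the rasterizer's virtual machine executes, and that the extension is not a reliable way to tell a font from an executable, can be checked directly. The Python script below is an added example written for this article, not a tool from any font vendor or operating system. It identifies a file by its leading bytes rather than its name, parses the table directory of a TrueType or OpenType font with explicit bounds checks (the kind of check whose absence produces the parser bugs described above), and reports whether the font contains the hinting programs (fpgm, prep, cvt tables) that the TrueType instruction interpreter would run. The sample inputs are constructed byte strings, not real fonts or binaries; the magic-byte tables are the well-known signatures; WOFF files are recognized but not unwrapped; and the script name in the usage note is hypothetical.

```python
import struct
import sys

# sfnt (TrueType/OpenType) container layout, big-endian.
SFNT_HEADER = struct.Struct(">IHHHH")   # sfntVersion, numTables, searchRange, entrySelector, rangeShift
TABLE_RECORD = struct.Struct(">4sIII")  # tag, checkSum, offset, length
# Tables holding bytecode and values executed by the TrueType instruction VM.
HINTING_TABLES = {b"fpgm", b"prep", b"cvt "}

# Well-known leading bytes. The file name is never consulted.
FONT_MAGICS = {
    b"\x00\x01\x00\x00": "TrueType (sfnt)",
    b"true": "TrueType (Mac sfnt)",
    b"OTTO": "OpenType (CFF)",
    b"wOFF": "WOFF",            # compressed sfnt wrapper; not unwrapped here
    b"wOF2": "WOFF2",
    b"%!PS-AdobeFont": "PostScript Type 1 (PFA)",
    b"%!FontType1": "PostScript Type 1 (PFA)",
    b"\x80\x01": "PostScript Type 1 (PFB)",
}
EXECUTABLE_MAGICS = {
    b"MZ": "Windows PE executable",
    b"\x7fELF": "ELF executable",
    b"\xcf\xfa\xed\xfe": "Mach-O 64-bit executable",
    b"\xce\xfa\xed\xfe": "Mach-O 32-bit executable",
    b"\xca\xfe\xba\xbe": "Mach-O universal binary",
    b"#!": "script with shebang",
}


def identify_magic(data):
    """Return (description, is_executable) from the first bytes only."""
    for magic, name in EXECUTABLE_MAGICS.items():
        if data.startswith(magic):
            return name, True
    for magic, name in FONT_MAGICS.items():
        if data.startswith(magic):
            return name, False
    return "unknown", False


def parse_sfnt_tables(data):
    """Parse the sfnt table directory with explicit bounds checks.
    Returns ({tag: (offset, length)}, [error strings])."""
    size = len(data)
    if size < SFNT_HEADER.size:
        return {}, ["file shorter than the 12-byte sfnt header"]
    _, num_tables, _, _, _ = SFNT_HEADER.unpack_from(data, 0)
    dir_end = SFNT_HEADER.size + num_tables * TABLE_RECORD.size
    if dir_end > size:
        return {}, [f"numTables={num_tables} needs a {dir_end}-byte directory in a {size}-byte file"]
    tables, errors = {}, []
    for i in range(num_tables):
        tag, _, offset, length = TABLE_RECORD.unpack_from(data, SFNT_HEADER.size + i * TABLE_RECORD.size)
        # Two comparisons rather than `offset + length > size`: in a C parser the
        # sum can wrap around 32 bits and a huge table would pass a naive test.
        if offset > size or length > size - offset:
            errors.append(f"table {tag!r}: offset={offset:#x} length={length:#x} lies outside the file")
            continue
        if tag in tables:
            errors.append(f"duplicate table {tag!r}")
            continue
        tables[tag] = (offset, length)
    return tables, errors


def inspect_font(data):
    """Classify a blob and, for sfnt fonts, list its tables and whether it is hinted."""
    kind, is_exe = identify_magic(data)
    report = {"kind": kind, "executable": is_exe, "hinted": False, "tables": [], "errors": []}
    if is_exe:
        report["errors"].append("executable passed off as a font; do not open it")
    elif kind.startswith(("TrueType", "OpenType")):
        tables, errors = parse_sfnt_tables(data)
        report["tables"] = sorted(t.decode("latin-1") for t in tables)
        report["errors"] = errors
        report["hinted"] = bool(HINTING_TABLES & tables.keys())
    return report


def build_sfnt(tables, version=b"\x00\x01\x00\x00"):
    """Wrap {tag: payload} in a minimal sfnt container. Constructed test data only:
    the directory is valid but the result is not a usable font."""
    num = len(tables)
    header = SFNT_HEADER.pack(struct.unpack(">I", version)[0], num, 0, 0, 0)
    offset = SFNT_HEADER.size + num * TABLE_RECORD.size
    records, body = [], []
    for tag, payload in tables.items():
        records.append(TABLE_RECORD.pack(tag, 0, offset, len(payload)))
        padded = payload + b"\0" * (-len(payload) % 4)   # tables are 4-byte aligned
        body.append(padded)
        offset += len(padded)
    return header + b"".join(records) + b"".join(body)


# Constructed samples (not real fonts or binaries).
HINTED_FONT = build_sfnt({b"cvt ": b"\x00\x10", b"fpgm": b"\xb0\x00", b"glyf": b"\0" * 8})
CFF_FONT = build_sfnt({b"CFF ": b"\x01\x00\x04\x01"}, version=b"OTTO")
# Crafted file: valid header, one record whose offset+length wraps to 0x10 in 32-bit arithmetic.
MALFORMED_FONT = (build_sfnt({b"glyf": b"\0" * 8})[:SFNT_HEADER.size]
                  + TABLE_RECORD.pack(b"glyf", 0, 0x40000000, 0xC0000010))
DISGUISED_EXE = b"MZ\x90\x00" + b"\0" * 60   # a "Font.ttf.exe" that Explorer shows as Font.ttf

if __name__ == "__main__":
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            print(path, inspect_font(fh.read()))
```

Save it as, say, fontcheck.py and run `python fontcheck.py Font.ttf` on anything you downloaded; a report with `executable: True`, or with entries in `errors`, is a file not to install. The wraparound case is the one worth remembering when reading parser bugs of the sort described above: the malformed sample passes a check written as `offset + length > size` in 32-bit C because the sum wraps to 16, but fails the two-comparison form used here.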
It's important to be cautious, so don't open files sent to you unexpectedly by people you don't know, and if you're unsure, check the file before opening it. As long as you keep your system patched and use trusted sources, you're unlikely to run into this issue.