Merge pull request #8691 from illfated/patch-4

Update block-untrusted-fonts-in-enterprise.md
Denise Vangel-MSFT 2020-11-30 12:51:29 -08:00 committed by GitHub
commit 34a5f18f0c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -21,7 +21,7 @@ ms.localizationpriority: medium
- Windows 10 - Windows 10
>Learn more about what features and functionality are supported in each Windows edition at [Compare Windows 10 Editions](https://www.microsoft.com/WindowsForBusiness/Compare). > Learn more about what features and functionality are supported in each Windows edition at [Compare Windows 10 Editions](https://www.microsoft.com/WindowsForBusiness/Compare).
To help protect your company from attacks which may originate from untrusted or attacker controlled font files, weve created the Blocking Untrusted Fonts feature. Using this feature, you can turn on a global setting that stops your employees from loading untrusted fonts processed using the Graphics Device Interface (GDI) onto your network. Untrusted fonts are any font installed outside of the `%windir%/Fonts` directory. Blocking untrusted fonts helps prevent both remote (web-based or email-based) and local EOP attacks that can happen during the font file-parsing process. To help protect your company from attacks which may originate from untrusted or attacker controlled font files, weve created the Blocking Untrusted Fonts feature. Using this feature, you can turn on a global setting that stops your employees from loading untrusted fonts processed using the Graphics Device Interface (GDI) onto your network. Untrusted fonts are any font installed outside of the `%windir%/Fonts` directory. Blocking untrusted fonts helps prevent both remote (web-based or email-based) and local EOP attacks that can happen during the font file-parsing process.
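Review bot: The paragraph kept as context at the end of this hunk uses "EOP" without expanding it and writes "attacker controlled" without a hyphen. Since this commit is a formatting pass over the file, expand the abbreviation on first use ("elevation of privilege (EOP)") and hyphenate the compound. The path `%windir%/Fonts` also uses a forward slash, while the FontPath example further down in this file uses backslashes; pick one form.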
@ -85,8 +85,8 @@ To turn this feature on, off, or to use audit mode:
- **To audit with this feature.** Type **3000000000000**. - **To audit with this feature.** Type **3000000000000**.
>[!Important] > [!Important]
>Your existing **MitigationOptions** values should be saved during your update. For example, if the current value is *1000*, your updated value should be *1000000001000*. > Your existing **MitigationOptions** values should be saved during your update. For example, if the current value is *1000*, your updated value should be *1000000001000*.
5. Restart your computer. 5. Restart your computer.
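Review bot: The alert marker in this hunk is still written `[!Important]` on the new side, while the other alerts touched by this commit use all caps (`[!NOTE]`). Change it to `> [!IMPORTANT]` so the casing is consistent across the file. The example under it (*1000* becoming *1000000001000*) would also be clearer if it stated that the font-blocking value is combined with the existing **MitigationOptions** value rather than typed over it, because a reader who enters only the value from the step above loses whatever was already set.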
@ -105,8 +105,8 @@ After you turn this feature on, or start using Audit mode, you can look at your
FontPath:<br> FontPath:<br>
Blocked: true Blocked: true
>[!NOTE] > [!NOTE]
>Because the **FontType** is *Memory*, theres no associated **FontPath**. > Because the **FontType** is *Memory*, theres no associated **FontPath**.
**Event Example 2 - Winlogon**<br> **Event Example 2 - Winlogon**<br>
Winlogon.exe attempted loading a font that is restricted by font-loading policy.<br> Winlogon.exe attempted loading a font that is restricted by font-loading policy.<br>
@ -114,8 +114,8 @@ After you turn this feature on, or start using Audit mode, you can look at your
FontPath: `\??\C:\PROGRAM FILES (X86)\COMMON FILES\MICROSOFT SHARED\EQUATION\MTEXTRA.TTF`<br> FontPath: `\??\C:\PROGRAM FILES (X86)\COMMON FILES\MICROSOFT SHARED\EQUATION\MTEXTRA.TTF`<br>
Blocked: true Blocked: true
>[!NOTE] > [!NOTE]
>Because the **FontType** is *File*, theres also an associated **FontPath**. > Because the **FontType** is *File*, theres also an associated **FontPath**.
**Event Example 3 - Internet Explorer running in Audit mode**<br> **Event Example 3 - Internet Explorer running in Audit mode**<br>
Iexplore.exe attempted loading a font that is restricted by font-loading policy.<br> Iexplore.exe attempted loading a font that is restricted by font-loading policy.<br>
@ -123,8 +123,8 @@ After you turn this feature on, or start using Audit mode, you can look at your
FontPath:<br> FontPath:<br>
Blocked: false Blocked: false
>[!NOTE] > [!NOTE]
>In Audit mode, the problem is recorded, but the font isnt blocked. > In Audit mode, the problem is recorded, but the font isnt blocked.
## Fix apps having problems because of blocked fonts ## Fix apps having problems because of blocked fonts
Your company may still need apps that are having problems because of blocked fonts, so we suggest that you first run this feature in Audit mode to determine which fonts are causing the problems. Your company may still need apps that are having problems because of blocked fonts, so we suggest that you first run this feature in Audit mode to determine which fonts are causing the problems.
@ -144,10 +144,4 @@ After you figure out the problematic fonts, you can try to fix your apps in 2 wa
## Related content ## Related content
- [Dropping the “Untrusted Font Blocking” setting](https://blogs.technet.microsoft.com/secguide/2017/06/15/dropping-the-untrusted-font-blocking-setting/) - [Dropping the “Untrusted Font Blocking” setting](https://techcommunity.microsoft.com/t5/microsoft-security-baselines/dropping-the-quot-untrusted-font-blocking-quot-setting/ba-p/701068/)
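Review bot: The hunk header records 10 lines becoming 4, but the only change visible here is the link target, so six lines are removed at the end of the file without appearing in this view. Confirm they are trailing blank lines and not content. The new URL also ends with a slash after the post id (`/ba-p/701068/`); check that it resolves directly rather than through a redirect.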