Microsoft has released an out-of-band patch that closes an exploit that if executed, could allow remote code execution. The vulnerability, which affects all supported versions of Windows, could allow remote code execution if a user opens a specially crafted document or visits an untrusted webpage that contains embedded OpenType font, according to Microsoft.

Read more about it: http://www.neowin.net/news/microsoft-has-released-an-emergency-patch-for-windows