Is downloading fonts in IE 10 safe?

My organization currently has the "font download" option disabled in the Internet zone of ie10.  I believe this was done to prevent fonts from running malicious code.  I saw that back in 2013 there was a ms security bulletin that addressed the issue.  Would it be a big security risk to enable font downloading at this point?
JDI-ITAsked:
Who is Participating?
 
gheistCommented:
so you are doing your best. keep web fonts on and hand on 3rd red switch next to flush and java...
0
 
gheistCommented:
Fonts are part of html5, much smaller danger than java plugin or flash plugin.
Given later are almost permanently vulnerable and not being patched, a font or 10 will not make significant damage.
Even cleartype was patched once, it does not mean it is no longer vulnerable (and whole IE was swapped like 20 times in meantime, still nowhere close to secure)...
I assume you know all about EMET and IE safe  modes...
0
 
JDI-ITAuthor Commented:
Thanks for the info gheist!  Yes, we currently have EMET deployed and we've looked into deploying IE in protected mode.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.