Well that was disappointing... Virus scan uninstalled a bunch of fonts.

After a discovering a piece of Malware on my computer, I installed McAfee and ran a scan. It now looks like the malware is gone but so are a bunch of fonts.  I haven't done an inventory but it looks like dozens have been uninstalled.

This strikes me as very weird. It was certainly a surprise. 


  • There are known vulnerabilities that allow an infected font to harm your PC. If your computer is up-to-date it most likely can't infect your PC further, but if you share those fonts, it could harm others.
  • Thanks, Erwin.

    Some of the fonts were drafts of fonts I'm working on. Others were by people I know personally. There may be some irregularities that might have been read as potential threats by McAfee. Particularly in some of my own which are still works in progress, so I wouldn't put it past me to have goofed something up someplace. Others that went missing were ones I've thoroughly tested and published or by experienced type designers & foundries. 

    None of the fonts were from a source that might be considered suspect.
  • Erwin DenissenErwin Denissen Posts: 200
    edited January 2019
    I'm sure you didn't add malware into your font, but if your PC was infected, it is possible that the malware further infected your system, including your fonts.

    I'm not saying they are infected, but I'm just telling you it is possible.

    If you want to know more about it, just Google for:
    opentype exploits

  • Thanks. 

  • Thomas PhinneyThomas Phinney Posts: 1,856
    edited January 2019
    I can say that of all the files virus scans have flagged as infected for me in the past five years or so, the majority were false alarms. Every so often they randomly flag a FontLab installer for one of our products, we spend a bunch of effort looking into it, find nothing, report it as a possible false flag, and eventually they get back to us and tell us that yes, they were mistaken.

    Rarely it is a font, but that doesn't shock me either.

    The key thing to check is whether the virus scanner claims this is a "heuristic" based detection or something more specific. If it’s a heuristic that means that it “looks suspicious” and not that they found a specific known virus. So these are much more likely to be false alarms.

    I am not suggesting you should ignore all such flags or not take them seriously. Just saying that if you have reason to think they may be false alarms, you may very well be right!
  • What is this link? Is it just spam, or does it have something to do with the topic?

    I have not used any independent anti-virus tool since upgrading to Windows 10. I find that the built-in Windows Defender is adequate. I saw so many posts on forums about false-positives that I concluded that using McAfee, AVG, and similar products is a waste of time. 

    I do run Malwarebytes from time to time, if I suspect that I might have visited a dodgy site, but very rarely find any infections. 
  • @Bhikkhu Pesala It's just a joke. Virus fonts is a 'normal' foundry with a funny name.
Sign In or Register to comment.