The AFDKO font handling library in Adobe Font Development Kit for OpenType (AFDKO) is susceptible to memory corruption issues, such as buffer overflows, due to the lack of sanity checks on input data. This vulnerability can be exploited if the input file does not conform to the format specification. Starting with Windows 10 1709, Microsoft's DirectWrite library includes parts of AFDKO, specifically the modules for reading and writing OpenType/CFF fonts. This code is used for instancing variable fonts, which involves building a single instance of a variable font with specific attributes. The vulnerable code can be reached through the Direct2D printing interface.