Re: Untrusted Font?
"a malicious font can cause a privilege escalation..."
If the font is a Windows 'OpenType' or 'TrueType' or 'Raster' font file (not sure if that's possible any more with web sites), then it's EXECUTABLE and I'm not sure what user context it would run in. Probably the kernel, yeah. DLLs have startup code that runs when you load them. This could easily be turned into a virus/trojan and attached to a downloadable font file.
If it's a web font, there was a vulnerability back in 2006 that allowed remote code execution in IE. Who's to say they fixed ALL of the vulnerabilities [or didn't introduce NEW ones with the apparent re-re-writing for Edge]?
I wouldn't trust Win-10-nic to protect you, either.