Allowing untrusted fonts for campaigns
Last updated
Last updated
The Windows operating system offers the ability to block untrusted font files. The Nexthink software agent uses an open-source font family optimized for computer screens to render campaign text.
Previewing campaigns from the web interface always uses the correct font. If you suspect campaigns are not always rendered using the official font family:
Connect to a device.
Open the local log file in the %ProgramData%\Nexthink\Logs\User
folder, labeled something like nxtray*.log
where the *
represents a combination of the user SID and a sequence of numbers.
Search for lines containing QML FontLoader: Cannot load font:
or something similar.
Here is an extract of a log file:
To allow the nxtray.exe
process to load untrusted fonts:
Add a registry key on all devices in Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
and name it nxtray.exe
.
In Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nxtray.exe
add a new QWORD (64-bit) value named MitigationOptions
with the hexadecimal value of 2000000000000
.
Restart Windows to apply the changes.