Title

Microsoft GDI+ Remote Code Execution Vulnerability (Cat II impact)

Discussion

Microsoft has released a Security Bulletin addressing a remote code execution vulnerability affecting GDI. The Microsoft Windows graphics device interface (GDI) enables applications to use graphics and formatted text on both the video display and the printer. Windows-based applications do not access the graphics hardware directly. Instead, GDI interacts with device drivers on behalf of applications. To successfully exploit this vulnerability, an attacker would entice a user to view a malicious file that can embed specially crafted TrueType font files. If successfully exploited, this vulnerability would allow an attacker to take control of the affected system in the context of the current user.

Check Content

Fix Text

Additional Identifiers

Rule ID:

Vulnerability ID: V-39199

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.