A vulnerability in the Graphics Device Interface (GDI) component of Microsoft Windows could allow an unauthenticated, remote attacker to access sensitive information on a targeted system.
The vulnerability exists because the affected software performs improper memory operations that could result in the disclosure of memory contents. An attacker could exploit the vulnerability by persuading a user to access a link or file that submits malicious input to the affected software. A successful exploit could allow the attacker to access sensitive information, which could be used to conduct additional attacks.
Microsoft confirmed the vulnerability and released software updates.
Security Impact Rating: Medium