⚠ Actively exploited

Added to CISA KEV on 2022-03-03. Federal agencies required to patch by 2022-03-24. Required action: Apply updates per vendor instructions..

CVE-2017-0001 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Corporation Windows GDI

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer15 documents7 sources

Severity

7.8HIGHNVD

EPSS

25.4%

top 3.77%

CISA KEV

KEV

Added 2022-03-03

Due 2022-03-24

Exploit

Exploited in wild

Active exploitation observed

Affected products

Microsoft Corporation Windows GDI Microsoft Windows 10 Microsoft Windows Server 2008 +14 more

Timeline

PublishedMar 17

KEV addedMar 3

KEV dueMar 24

Latest updateMay 13

CISA Required Action: Apply updates per vendor instructions.

Description

The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application, aka "Windows GDI Elevation of Privilege Vulnerability." This vulnerability is different from those described in CVE-2017-0005, CVE-2017-0025, and CVE-2017-0047.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages16 packages

▶msrcmsrc/windows_server_2008

▶msrcmsrc/windows_server_2012

▶msrcmsrc/windows_server_2008_r2

▶msrcmsrc/windows_server_2012_r2

▶msrcmsrc/windows_server_2016

Patches

Patch: portal.msrc.microsoft.com ↗Patch: portal.msrc.microsoft.com ↗

🔴Vulnerability Details

GHSA

GHSA-4vm3-h9r2-w6h6: The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8↗2022-05-13

▶

GHSA

GHSA-8w8f-9j37-53m3: The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8↗2022-05-13

▶

GHSA

GHSA-675h-vwc7-whcj: The kernel-mode drivers in Microsoft Windows Vista; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8↗2022-05-13

▶

GHSA

GHSA-3jwp-gjhp-77f3: The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8↗2022-05-13

▶

VulnCheck

Microsoft Graphics Device Interface (GDI) Privilege Escalation Vulnerability↗2017

▶

💥Exploits & PoCs

Exploit-DB

SAP SAPCAR 721.510 - Heap Buffer Overflow↗2017-05-10

▶

Exploit-DB

Intermec PM43 Industrial Printer - Local Privilege Escalation↗2017-03-28

▶

📋Vendor Advisories

CISA

Microsoft Graphics Device Interface (GDI) Privilege Escalation Vulnerability↗2022-03-03

▶

Microsoft

Windows GDI Elevation of Privilege Vulnerability↗2017-03-14

▶

💬Community

Bugzilla

CVE-2017-1000229 optipng: integer overflow in tiffread.c:minitiff_read_info() leading to denial of service↗2017-12-04

▶