⚠ Actively exploited
Added to CISA KEV on 2022-05-24. Federal agencies required to patch by 2022-06-14. Required action: Apply updates per vendor instructions..

CVE-2017-0005Improper Restriction of Operations within the Bounds of a Memory Buffer in Corporation Windows GDI

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer24 documents11 sources
Severity
7.8HIGHNVD
EPSS
8.0%
top 7.88%
CISA KEV
KEV
Added 2022-05-24
Due 2022-06-14
Exploit
Exploited in wild
Active exploitation observed
Affected products
17
Microsoft Corporation Windows GDIMicrosoft Windows 10Microsoft Windows Server 2008+14 more
Timeline
PublishedMar 17
KEV addedMay 24
KEV dueJun 14
CISA Required Action: Apply updates per vendor instructions.

Description

The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application, aka "Windows GDI Elevation of Privilege Vulnerability." This vulnerability is different from those described in CVE-2017-0001, CVE-2017-0025, and CVE-2017-0047.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages16 packages

Patches

Patch: blogs.technet.microsoft.comPatch: portal.msrc.microsoft.comPatch: blogs.technet.microsoft.com

🔴Vulnerability Details

5
GHSA
GHSA-4vm3-h9r2-w6h6: The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 82022-05-13
GHSA
GHSA-8w8f-9j37-53m3: The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 82022-05-13
GHSA
GHSA-675h-vwc7-whcj: The kernel-mode drivers in Microsoft Windows Vista; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 82022-05-13
GHSA
GHSA-3jwp-gjhp-77f3: The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 82022-05-13
VulnCheck
Microsoft Windows Graphics Device Interface (GDI) Privilege Escalation Vulnerability2017

📋Vendor Advisories

3
CISA
Microsoft Windows Graphics Device Interface (GDI) Privilege Escalation Vulnerability2022-05-24
Microsoft
Windows GDI Elevation of Privilege Vulnerability2017-03-14
VMware
VMware Workstation and Fusion updates address critical out-of-bounds memory access vulnerability2017-03-14

🕵️Threat Intelligence

10
Microsoft
Detecting and mitigating elevation-of-privilege exploit for CVE-2017-0005 | Microsoft Security Blog2017-03-27
Trendmicro
March 2017 Patch Tuesday: 18 Security Bulletins2017-03-15
Trendmicro
March 2017 Patch Tuesday: 18 Security Bulletins2017-03-15
Trendmicro
March 2017 Patch Tuesday: 18 Security Bulletins2017-03-15
Trendmicro
March 2017 Patch Tuesday: 18 Security Bulletins2017-03-15

💬Community

1
Bugzilla
CVE-2017-2641 CVE-2017-2643 CVE-2017-2644 CVE-2017-2645 moodle: Multiple security vulnerabilities2017-03-22