CVE-2020-0744: An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to…

CVE-2020-0744 [MEDIUM] Windows GDI Information Disclosure Vulnerability Windows GDI Information Disclosure Vulnerability Description: An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The security update addresses the vulnerability by correcting how GDI handles memory addresses. FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be discl

CVE-2020-0744 [LOW] CWE-119 GHSA-jhf8-8fwr-38xr: An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an atta An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI Information Disclosure Vulnerability'.

[HIGH] Microsoft Patch Tuesday — Feb. 2020: Vulnerability disclosures and Snort coverage By Jon Munshaw. Microsoft released its monthly security update today, disclosing vulnerabilities across many of its products and releasing corresponding updates. This month's Patch Tuesday covers 98 vulnerabilities, 12 of which are considered critical and 84 that are considered important. There are also two bugs that were not assigned a severity. This month's patches include updates to the Windows kernel, the Windows scripting engine and Remote Desktop Procol, among other software and features. Microsoft also provided a critical advisory covering updates to Adobe Flash Player. Talos released a new set of SNORTⓇ rules today that provide coverage for some of these vulnerabilities, which you can see here. ### Critical vulnerabilities Microsoft disclosed 12 critical vulnerabilities this mo

[HIGH] Microsoft Patch Tuesday — Feb. 2020: Vulnerability disclosures and Snort coverage ## Microsoft Patch Tuesday — Feb. 2020: Vulnerability disclosures and Snort coverage By Jon Munshaw. Microsoft released its monthly security update today, disclosing vulnerabilities across many of its products and releasing corresponding updates. This month's Patch Tuesday covers 98 vulnerabilities, 12 of which are considered critical and 84 that are considered important. There are also two bugs that were not assigned a severity. This month's patches include updates to the Windows kernel, the Windows scripting engine and Remote Desktop Procol, among other software and features. Microsoft also provided a critical advisory covering updates to Adobe Flash Player. Talos released a new set of SNORTⓇ rules today that provide coverage for some of these vulnerabilities, which you can see here