Vulnerabilities in Microsoft Graphics Components Could Allow Remote Code Execution
15 March 2017
Remote code execution, escalation of privilege, information disclosure
Multiple vulnerabilities found in Microsoft graphics components could, if successfully exploited, lead to remote code execution, escalation of privilege, and information disclosure.
Microsoft has issued a security update to address multiple vulnerabilities that affect Microsoft Graphics Component. Out of the twelve vulnerabilities in total, four were escalation of privilege vulnerabilties that could allow an attacker to run arbitrary code in kernel mode. They were caused by an error in the way that Windows Graphics Device Interface (GDI) handles objects in memory.
Six of the other vulnerabilities could allow information disclosure upon successful exploitation. They were caused by improper disclosure of the contents in Windows GDI components' memory, improper handling of memory by Windows GDI, and improper handling of memory by Color Management Module (ICM32.dll).
The remaining two vulnerabilities were remote code execution vulnerabilities caused by Windows Graphics Component's failure to properly handle objects in memory. All of the issues mentioned above have been rectified in the latest security update by introducing corrective modifications on applicable components.
CVE-2017-0001, CVE-2017-0005, CVE-2017-0025, CVE-2017-0047, CVE-2017-0038, CVE-2017-0060, CVE-2017-0062, CVE-2017-0073, CVE-2017-0061, CVE-2017-0063, CVE-2017-0108, CVE-2017-0014
Install the latest security patch for applicable system, available for download from https://technet.microsoft.com/en-us/library/security/MS17-013