Cyanid-E

**Name of the Vulnerable Software and Affected Versions** Microsoft Windows versions prior to the fixed version **Description** The issue is related to a sign extension vulnerability in the createBrushIndirect function within the GDI library (gdi32.dll). This vulnerability allows user-assisted attackers to cause a denial of service, resulting in an application crash, by using a crafted WMF file. **Recommendations** For Microsoft Windows versions prior to the fixed version, update to the latest version to resolve the issue. As a temporary workaround, consider restricting the use of WMF files to minimize the risk of exploitation.