CVE-2017-0005

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to the fixed version

Description The issue is related to the Graphics Device Interface (GDI) in Windows, which has insufficient access restrictions. This can be exploited by a local attacker to gain elevated privileges using a specially crafted application. The vulnerability has been reportedly used in real-world attacks, with estimated targets including government, transport, energy, maritime, military, and financial institutions.

Recommendations For Microsoft Windows versions prior to the fixed version, update to the latest version to resolve the issue. As a temporary workaround, consider restricting access to the GDI interface until a patch is available. Avoid using the vulnerable GDI functions in the affected Windows versions until the issue is resolved.