CVE-2018-8472

Name of the Vulnerable Software and Affected Versions Windows 7 Windows Server 2008 Windows Server 2008 R2 Windows Server 2012 Windows Server 2012 R2 Windows Server 2016 Windows Server 2019 Windows 8.1 Windows RT 8.1 Windows 10 Windows 10 Servers

Description An information disclosure issue exists in the way the Windows Graphics Device Interface (GDI) handles objects in memory. This allows an attacker to retrieve information from a targeted system. The vulnerability can be exploited by using a specially crafted application to disclose protected information.

Recommendations For Windows 7, update to a newer version to mitigate the risk. For Windows Server 2008, update to a newer version to mitigate the risk. For Windows Server 2008 R2, update to a newer version to mitigate the risk. For Windows Server 2012, update to a newer version to mitigate the risk. For Windows Server 2012 R2, update to a newer version to mitigate the risk. For Windows Server 2016, update to a newer version to mitigate the risk. For Windows Server 2019, update to a newer version to mitigate the risk. For Windows 8.1, update to a newer version to mitigate the risk. For Windows RT 8.1, update to a newer version to mitigate the risk. For Windows 10, update to a newer version to mitigate the risk. For Windows 10 Servers, update to a newer version to mitigate the risk.