CVE-2018-8424

Name of the Vulnerable Software and Affected Versions Windows GDI versions prior to the fixed version Windows 7 Windows Server 2012 R2 Windows RT 8.1 Windows Server 2008 Windows Server 2012 Windows 8.1 Windows Server 2016 Windows Server 2008 R2 Windows 10 Windows 10 Servers

Description The issue is caused by a buffer overflow in the Windows GDI component, allowing an attacker to disclose protected information using a specially crafted document. This can lead to the exposure of sensitive information. The estimated number of potentially affected devices is not specified.

Recommendations For Windows 7, update to a version that includes the fix for this issue. For Windows Server 2012 R2, apply the recommended patch. For Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, and Windows 10 Servers, ensure that the latest security updates are installed to resolve the issue. As a temporary workaround, consider restricting access to sensitive information until a patch is available.