CVE-2018-8596

Name of the Vulnerable Software and Affected Versions Windows 7 Windows Server 2012 R2 Windows RT 8.1 Windows Server 2008 Windows Server 2019 Windows Server 2012 Windows 8.1 Windows Server 2016 Windows Server 2008 R2 Windows 10 Windows 10 Servers

Description The issue is related to an information disclosure vulnerability in the Windows GDI component, which improperly discloses the contents of its memory. This can be exploited by attackers to obtain sensitive information using a specially crafted document. The vulnerability is associated with errors in the mechanisms for handling objects in memory.

Recommendations For Windows 7, consider applying security updates to address the issue. For Windows Server 2012 R2, apply the latest security patches. For Windows RT 8.1, install the latest available updates. For Windows Server 2008, ensure all security updates are applied. For Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, and Windows 10 Servers, apply the relevant security updates to mitigate the risk. At the moment, there is no information about a newer version that contains a fix for this vulnerability.