PT-2020-3803 · Microsoft · Windows

He Yisheng +1 · Published 2020-08-11 · Updated 2024-01-19 · CVE-2020-1529

CVSS v3.1: 7.8 High
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Windows (affected versions not specified)
Description: The issue is caused by a buffer overflow in the Windows Graphics Device Interface (GDI) due to improper handling of objects in memory. This could allow an attacker to elevate their privileges by running a specially crafted application, potentially enabling them to install programs, view, change, or delete data, or create new accounts with full user rights. To exploit this vulnerability, an attacker would first need to log on to the system.
Recommendations: To resolve the issue, apply the update that corrects how GDI handles objects in memory and prevents instances of unintended user-mode privilege elevation. As a temporary workaround, consider restricting access to the system to minimize the risk of exploitation. Avoid running specially crafted applications that could exploit the vulnerability until the issue is resolved.

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

BDU:2020-04165
CVE-2020-1529

Affected Products

Windows