CVE-2020-1285

Name of the Vulnerable Software and Affected Versions: Windows GDI (affected versions not specified)

Description: The issue is related to errors in handling objects in memory by the Windows Graphics Device Interface (GDI). This can allow a remote attacker to execute arbitrary code, potentially giving them control of the affected system. They could then install programs, view, change, or delete data, or create new accounts with full user rights. The impact may be less severe for users with limited user rights. Attackers could exploit this issue through web-based attacks by hosting specially crafted websites or through file-sharing attacks by providing specially crafted document files.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.