PT-2025-32788 · Microsoft · Graphics +1

4N0Nym4U5 · Published 2025-08-12 · Updated 2025-08-31 · CVE-2025-50165

CVSS v2.0: 10
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions:

Microsoft Windows versions (affected versions not specified)

Microsoft Office versions (affected versions not specified)

Description:

An untrusted pointer dereference exists in the Microsoft Graphics Component, potentially allowing an unauthorized attacker to execute code over a network. This can occur without user interaction, potentially triggered by opening a document (such as Word, Excel, or PowerPoint) containing an embedded JPEG image or even a JPEG image embedded in an email. The vulnerability involves an uninitialized function pointer being called during JPEG image decoding. Several use-after-free bugs were also identified in Microsoft Office and Word, potentially leading to code execution when opening a malicious document. Additionally, vulnerabilities were found in Microsoft Message Queuing (MSMQ) and Microsoft Exchange Server. Two of the vulnerabilities are reportedly being exploited in the wild.

Recommendations:

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Untrusted Pointer Dereference

Use of Uninitialized Resource

Weakness Enumeration

Related Identifiers

BDU:2025-10072
CVE-2025-50165

Affected Products

Graphics
Windows