TrendLabs Malware Blog
Glossary
TrendWatch
TrendLabs Twitter
(MS08-071) Vulnerabilities in GDI Could Allow Remote Code Execution (956802)
Vulnerability Identifier: CVE-2008-2249; CVE-2008-3465
Discovery Date: Dec 9, 2008
Risk: Critical
Affected Software:
  • Microsoft Windows 2000 Service Pack 4
  • Microsoft Windows Server 2003 Service Pack 1
  • Microsoft Windows Server 2003 Service Pack 2
  • Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
  • Microsoft Windows Server 2003 with SP2 for Itanium-based Systems
  • Microsoft Windows Server 2003 x64 Edition
  • Microsoft Windows Server 2003 x64 Edition Service Pack 2
  • Microsoft Windows XP Professional x64 Edition
  • Microsoft Windows XP Professional x64 Edition Service Pack 2
  • Microsoft Windows XP Service Pack 2
  • Microsoft Windows XP Service Pack 3
  • Windows Server 2008 for 32-bit Systems
  • Windows Server 2008 for Itanium-based Systems
  • Windows Server 2008 for x64-based Systems
  • Windows Vista
  • Windows Vista Service Pack 1
  • Windows Vista x64 Edition
  • Windows Vista x64 Edition Service Pack 1
  • Windows XP Service Pack 2
Description:

This security update resolves two privately reported vulnerabilities in GDI. Exploitation of either of these vulnerabilities could allow remote code execution if a user opens a specially crafted WMF image file.

A remote malicious user who successfully exploits these vulnerabilities could take complete control of an affected system. The remote malicious user could then install programs; view, change, or delete data; or create new accounts with full user rights.

Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.


Patch Information:

Patches for this vulnerability can be downloaded on this Microsoft Web page.
 
Search for another Security Advisory
Keyword: