Fortinet Discovers GDI+ StretchDIBitts Information Disclosure Vulnerability
Fortinet's FortiGuard Labs has discovered an information disclosure vulnerability in Microsoft Graphics Component.
Microsoft Graphic Component is one of the core operating system components responsible for representing graphical objects and transmitting them to output devices such as monitors and printers.
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system.
Users should apply the solution provided by Microsoft.
Fortinet reported the vulnerability to Microsoft on June 09, 2020
Microsoft confirmed the vulnerability on June 11, 2020
Microsoft released a patch for the vulnerability on September 8, 2020
This vulnerability was discovered by Wayne Low of Fortinet's FortiGuard Labs.