Zero-Day Advisory
Fortinet Discovers Microsoft Windows Imaging Library UncompressFile Memory Corruption
Summary
Fortinet's FortiGuard Labs has discovered memory out-of-bound write on Microsoft Windows Imaging Library.
Microsoft Windows Imaging Library is a file-based disk image format. It was developed by Microsoft to help deploy Windows Vista and subsequent versions of the Windows operating system family, as well as Windows Fundamentals for Legacy PCs.[3]
The vulnerability in the Microsoft Windows Imaging Library allows remote code execution when the victim open a specially crafted Windows Imaging file.
Solutions
Users should apply the solution provided by Microsoft.
Timeline
Fortinet reported the vulnerability to Microsoft on November 11, 2019
Microsoft confirmed the vulnerability on December 03, 2019
Microsoft released patch for the vulnerability on February 11 13, 2019.
References
Acknowledgement
This vulnerability was discovered by Wayne Low of Fortinet's FortiGuard Labs.