CVE-2016-3393 — Microsoft Windows Graphics Device Interface (GDI) Remote Code Execution Vulnerability
2022-05-25 • CISA Known Exploited Vulnerability
[event] A remote code execution vulnerability exists due to the way the Windows GDI component handles objects in the memory. An attacker who successfully exploits this vulnerability could take control of the affected system.
> AFFECTED SOFTWARE
| Field | Value |
|---|---|
| Vendor | Microsoft |
| Product | Windows |
| CWE | CWE-284 |
| CVE ID | CVE-2016-3393 |
| Date Added | 2022-05-25 |
| Due Date | 2022-06-15 |
| Ransomware Campaign | Unknown |
> MITIGATION
Apply updates per vendor instructions.
Due Date: 2022-06-15