CVE-2019-0903 — Microsoft GDI Remote Code Execution Vulnerability
2022-03-25 • CISA Known Exploited Vulnerability
[event] A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system.
> AFFECTED SOFTWARE
| Field | Value |
|---|---|
| Vendor | Microsoft |
| Product | Graphics Device Interface (GDI) |
| CVE ID | CVE-2019-0903 |
| Date Added | 2022-03-25 |
| Due Date | 2022-04-15 |
| Ransomware Campaign | Unknown |
> MITIGATION
Apply updates per vendor instructions.
Due Date: 2022-04-15