{"id":2311,"date":"2017-02-18T16:10:20","date_gmt":"2017-02-18T15:10:20","guid":{"rendered":"http:\/\/borncity.com\/win\/?p=2311"},"modified":"2017-02-18T16:40:29","modified_gmt":"2017-02-18T15:40:29","slug":"windows-zero-day-vulnerabilty-in-gdi-dll","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2017\/02\/18\/windows-zero-day-vulnerabilty-in-gdi-dll\/","title":{"rendered":"Windows: Zero-Day vulnerability in gdi.dll"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline\" src=\"http:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2015\/01\/Schutz.jpg\" width=\"40\" align=\"left\" height=\"47\">[<a href=\"http:\/\/www.borncity.com\/blog\/2017\/02\/18\/windows-zero-day-schwachstelle-in-gdi-dll\/\" target=\"_blank\">German<\/a>]Security researchers from Google's Projekt Zero has published another zero day vulnerability in Windows that hasn't been patched <\/p>\n<p><!--more--><\/p>\n<p>Mateusz Jurczyk from Google's Project Zero has discovered the vulnerability in Windows GDI library <em>gdi.dll<em><\/em>.<\/em> Jurczyk discovered multiple bugs related to the handling of DIBs (Device Independent Bitmaps) embedded in EMF records, as implemented in the user-mode Windows GDI library (gdi32.dll). <\/p>\n<p>Using a prepared EMF file allows an attacker to read back images from applications like Internet Explorer. My understanding is, that it's a minor bug, but it shall be closed during the next patchday. Google reported the vulnerability on November 17, 2016 to Microsoft. Such vulnerabilities will be disclosed after 90 days \u2013 details has been published <a href=\"https:\/\/bugs.chromium.org\/p\/project-zero\/issues\/detail?id=992\" target=\"_blank\">here<\/a>. <\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]Security researchers from Google's Projekt Zero has published another zero day vulnerability in Windows that hasn't been patched<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[580,2],"tags":[672,194],"class_list":["post-2311","post","type-post","status-publish","format-standard","hentry","category-security","category-windows","tag-vulnerabilty","tag-windows"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/2311","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=2311"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/2311\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=2311"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=2311"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=2311"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}