Windows GDI Vulnerabilities Resurface

First reported

06.11.2025 13:40

Last updated

1 unique sources, 1 articles

Summary

Hide ▲

Three vulnerabilities in Windows Graphics Device Interface (GDI) were disclosed, enabling remote code execution and information disclosure. These flaws, identified as CVE-2025-30388, CVE-2025-53766, and CVE-2025-47984, were rooted in gdiplus.dll and gdi32full.dll. They were addressed by Microsoft in Patch Tuesday updates in May, July, and August 2025. The vulnerabilities involved out-of-bounds memory access triggered through malformed enhanced metafile (EMF) and EMF+ records, leading to memory corruption during image rendering. These issues highlight the persistent nature of security vulnerabilities, which can remain undetected for years and resurface due to incomplete fixes. The challenges in verifying the thoroughness and effectiveness of security patches are also emphasized.

Timeline

06.11.2025 13:40 1 articles · 4d ago

Vulnerabilities in Windows GDI Disclosed
Three vulnerabilities in Windows Graphics Device Interface (GDI) were disclosed, enabling remote code execution and information disclosure. These flaws, identified as CVE-2025-30388, CVE-2025-53766, and CVE-2025-47984, were rooted in gdiplus.dll and gdi32full.dll. They were addressed by Microsoft in Patch Tuesday updates in May, July, and August 2025. The vulnerabilities involved out-of-bounds memory access triggered through malformed enhanced metafile (EMF) and EMF+ records, leading to memory corruption during image rendering.
Show sources

ThreatsDay Bulletin: AI Tools in Malware, Botnets, GDI Flaws, Election Attacks & More — thehackernews.com — 06.11.2025 13:40
Open in new tab

Information Snippets

Three vulnerabilities in Windows GDI were disclosed, enabling remote code execution and information disclosure.
First reported: 06.11.2025 13:40

1 source, 1 article
Show sources
- ThreatsDay Bulletin: AI Tools in Malware, Botnets, GDI Flaws, Election Attacks & More — thehackernews.com — 06.11.2025 13:40
The vulnerabilities were identified as CVE-2025-30388, CVE-2025-53766, and CVE-2025-47984.
First reported: 06.11.2025 13:40

1 source, 1 article
Show sources
- ThreatsDay Bulletin: AI Tools in Malware, Botnets, GDI Flaws, Election Attacks & More — thehackernews.com — 06.11.2025 13:40
The flaws were rooted in gdiplus.dll and gdi32full.dll, which process vector graphics, text, and print operations.
First reported: 06.11.2025 13:40

1 source, 1 article
Show sources
- ThreatsDay Bulletin: AI Tools in Malware, Botnets, GDI Flaws, Election Attacks & More — thehackernews.com — 06.11.2025 13:40
The vulnerabilities were addressed by Microsoft in Patch Tuesday updates in May, July, and August 2025.
First reported: 06.11.2025 13:40

1 source, 1 article
Show sources
- ThreatsDay Bulletin: AI Tools in Malware, Botnets, GDI Flaws, Election Attacks & More — thehackernews.com — 06.11.2025 13:40
The vulnerabilities involved out-of-bounds memory access triggered through malformed EMF and EMF+ records.
First reported: 06.11.2025 13:40

1 source, 1 article
Show sources
- ThreatsDay Bulletin: AI Tools in Malware, Botnets, GDI Flaws, Election Attacks & More — thehackernews.com — 06.11.2025 13:40
The issues highlight the persistent nature of security vulnerabilities, which can remain undetected for years.
First reported: 06.11.2025 13:40

1 source, 1 article
Show sources
- ThreatsDay Bulletin: AI Tools in Malware, Botnets, GDI Flaws, Election Attacks & More — thehackernews.com — 06.11.2025 13:40

Summary

Timeline

Vulnerabilities in Windows GDI Disclosed

Information Snippets