MS15-035: Vulnerabilities in Microsoft Graphics Component Could Allow Remote Code Execution (3046306)
High Nessus Plugin ID 82772
SynopsisThe remote Windows host is affected by a remote code execution vulnerability.
DescriptionThe version of Microsoft's Graphics Component installed on the remote host is affected by a remote code execution vulnerability due improper handling of specially crafted Enhanced Metafile (EMF) image format files by GDI+. A remote, unauthenticated attacker can exploit this vulnerability by convincing a user to open a file or visit a website containing a specially crafted EMF file, resulting in execution of arbitrary code in the context of the current user.
SolutionMicrosoft has released a set of patches for Windows 2003, Vista, 2008, 7, and 2008 R2.