CVE-2016-3393

Published: 14/10/2016 Updated: 12/10/2018
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 828
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote malicious users to execute arbitrary code via a crafted web site, aka "Windows Graphics Component RCE Vulnerability."

Vulnerability Trend

Vulnerable Products

microsoft windows 7

microsoft windows server 2008

microsoft windows 10

microsoft windows 10 1511

microsoft windows 10 1607

microsoft windows server 2008 r2

microsoft windows vista

microsoft windows server 2012 r2

microsoft windows 8.1

microsoft windows server 2012

microsoft windows rt 8.1

Recent Articles

Kaspersky Security Bulletin 2016. Review of the year. Overall statistics for 2016
Securelist • Kaspersky Lab • 14 Dec 2016

1. Kaspersky Security Bulletin. Predictions for 2017 2. Kaspersky Security Bulletin 2016. The ransomware revolution If they were asked to sum up 2016 in a single word, many people around the world – particularly those in Europe and the US – might choose the word ‘unpredictable’. On the face of it, the same could apply to cyberthreats in 2016: the massive botnets of connec...

Fruity hacking group juiced by Microsoft's October patch parade
The Register • Darren Pauli • 21 Oct 2016

Get your patching done, people, this font-borne bug is being actively exploited

Kaspersky Lab researcher Anton Ivanov says an advanced threat group was exploiting a Windows zero-day vulnerability before Microsoft patched it last week. Microsoft says the graphics device interface vulnerability (CVE-2016-3393) allowed attackers to gain remote code execution and elevation of privilege powers. Ivanov's analysis reveals a hacking group dubbed FruityArmor was exploiting the vulnerability in chained attacks, using a TrueType font to trigger the bug. Here's some of his explanation...

Windows zero-day exploit used in targeted attacks by FruityArmor APT
Securelist • Anton Ivanov • 20 Oct 2016

A few days ago, Microsoft published the “critical” MS16-120 security bulletin with fixes for vulnerabilities in Microsoft Windows, Microsoft Office, Skype for Business, Silverlight and Microsoft Lync. One of the vulnerabilities – CVE-2016-3393 – was reported to Microsoft by Kaspersky Lab in September 2016. Here’s a bit of background on how this zero-day was discovered. A few months ago, we deployed a new set of technologies in our products to identify and block zero-day attacks. The...