Microsoft Windows GDI patch release for CVE-2025-30388, CVE-2025-53766, and CVE-2025-47984
Security Patch Release
Summary
Hide ▲
Show ▼
Microsoft shipped Patch Tuesday fixes for Windows GDI flaws in GdiPlus.dll and gdi32full.dll, covering CVE-2025-30388, CVE-2025-53766, and CVE-2025-47984. The update set addressed bugs that could enable remote code execution and information disclosure. The release spans May, July, and August 2025 security updates.
Related Happenings
Microsoft June 2026 Patch Tuesday record 206-vulnerability update
Security Patch Release
H score55
First: 10.06.2026 12:38
Last: 10.06.2026 12:38
Sources 1
About this happening:
Microsoft shipped a **record 206-vulnerability** update for its software portfolio, including **three publicly disclosed flaws**. The release spans **Critical** and **Important**...
Microsoft June 2026 Patch Tuesday record 206-vulnerability update
Security Patch ReleaseAbout this happening: Microsoft shipped a **record 206-vulnerability** update for its software portfolio, including **three publicly disclosed flaws**. The release spans **Critical** and **Important**...
Microsoft June 2026 Patch Tuesday GreenPlasma and YellowKey fixes
Security Patch Release
H score15
First: 10.06.2026 02:11
Last: 10.06.2026 02:11
Sources 1
About this happening:
**Microsoft** released **June 2026 Patch Tuesday** updates that fixed the **GreenPlasma** and **YellowKey** flaws, closing two previously disclosed issues in the Windows ecosystem...
Microsoft June 2026 Patch Tuesday GreenPlasma and YellowKey fixes
Security Patch ReleaseAbout this happening: **Microsoft** released **June 2026 Patch Tuesday** updates that fixed the **GreenPlasma** and **YellowKey** flaws, closing two previously disclosed issues in the Windows ecosystem...
Veeam security patch release for CVE-2026-44963
Security Patch Release
H score79
First: 09.06.2026 17:27
Last: 09.06.2026 17:27
Sources 1
About this happening:
**Veeam** released security updates for **Veeam Backup & Replication** to fix **CVE-2026-44963**, a critical flaw that could enable **remote code execution** on **domain-joined ba...
Veeam security patch release for CVE-2026-44963
Security Patch ReleaseAbout this happening: **Veeam** released security updates for **Veeam Backup & Replication** to fix **CVE-2026-44963**, a critical flaw that could enable **remote code execution** on **domain-joined ba...
Visual Studio Code adds two-hour delay for automatic extension updates
Security Tool/Service
H score10
First: 08.06.2026 09:08
Last: 08.06.2026 09:08
Sources 1
About this happening:
**Visual Studio Code (VS Code)** will delay automatic extension updates by **two hours** starting in **VS Code 1.123**, reducing exposure to **problematic or potentially compromis...
Visual Studio Code adds two-hour delay for automatic extension updates
Security Tool/ServiceAbout this happening: **Visual Studio Code (VS Code)** will delay automatic extension updates by **two hours** starting in **VS Code 1.123**, reducing exposure to **problematic or potentially compromis...
Redis security patch release for CVE-2026-23479
Security Patch Release
H score24
First: 03.06.2026 16:47
Last: 03.06.2026 16:47
Sources 1
About this happening:
**Redis** released patched minor versions on **May 5** to fix **CVE-2026-23479**, a **use-after-free** in **blocking-client code** that can lead to **arbitrary OS command executio...
Redis security patch release for CVE-2026-23479
Security Patch ReleaseAbout this happening: **Redis** released patched minor versions on **May 5** to fix **CVE-2026-23479**, a **use-after-free** in **blocking-client code** that can lead to **arbitrary OS command executio...
Timeline
-
03.11.2025 18:00 2 articles · 7mo ago
Check Point Research reveals Windows GDI flaws in GdiPlus.dll and gdi32full.dll
Initial DisclosureCheck Point Research revealed previously unknown Windows Graphics Device Interface (GDI) flaws in GdiPlus.dll and gdi32full.dll after Microsoft had already shipped fixes, showing that malformed EMF and EMF+ records could trigger memory corruption, remote code execution, or information disclosure. The bugs were tracked as CVE-2025-30388, CVE-2025-53766, and CVE-2025-47984, and Microsoft addressed them through KB5058411, KB5062553, and KB5063878; researchers also noted impact to Microsoft Office for Mac and Android.
Show sources
- New GDI Flaws Could Enable Remote Code Execution in Windows — www.infosecurity-magazine.com — 03.11.2025 18:00
- New GDI Flaws Could Enable Remote Code Execution in Windows — www.infosecurity-magazine.com — 03.11.2025 18:00