RCE likely with new Windows Graphics Driver Interface bugs

Malicious actors could exploit a trio of already patched Windows Graphics Device Interface vulnerabilities, tracked as CVE-2025-30388, CVE-2025-47984, and CVE-2025-53766, to facilitate remote code execution and information disclosures, Infosecurity Magazine reports.

Attacks harnessing the flaws which stem from Windows' management of GDI operations and involve irregular enhanced metafile and EMF+ records that can result in image rendering-related memory corruption could prompt sensitive data or systems compromise even without user interaction, according to Check Point Research.

Organizations leveraging impacted instances, including Microsoft Office for Mac and Android, have been urged to promptly implement patches released in May, July, and August, which include updated validation checks for rectangle data, rectified pointer arithmetic, and scan-line boundary trimming.

"Our purpose in publishing this blog after security fixes were implemented is to further raise awareness of these vulnerabilities and provide Windows users with defensive insights and mitigation recommendations," said researchers.