Windows GDI+ Information Disclosure Vulnerability CVE-2021-1708 Security Vulnerability Released: Jan 12, 2021 Assigning CNA: Microsoft Impact: Information Disclosure Max Severity: Important CVSS Source: Microsoft CVSS:3.1 5.7 / 5.0 Temporal score metrics (3) Exploit Code Example: Description: This vulnerability allows attackers to disclose sensitive information from the system. The attacker can exploit this vulnerability by sending a specially crafted request to the affected system. Solution: Microsoft has released a security update to fix this vulnerability. Users are advised to apply the update as soon as possible to mitigate the risk. Acknowledgements: The vulnerability was reported by Microsoft and has been assigned the CVE identifier CVE-2021-1708.