GDI Archives

AppWizard

November 30, 2025

Already my favorite RTS this year, Tempest Rising is going full Command and Conquer by adding superweapons

The upcoming update for Tempest Rising will introduce two new superweapons: the Drone Strike Station for the Global Defense Force (GDF) and the Excavator Platform for the Tempest Dynasty. The Drone Strike Station allows players to call in orbital strikes and deploy nine tungsten Drone Turrets, while the Excavator Platform can create shockwaves, transport units underground, and restore health to infantry. These additions aim to enhance gameplay strategies for both factions.

Winsage

November 12, 2025

Microsoft Releases November 2025 Patch Tuesday Updates

Microsoft has rolled out its November 2025 Patch Tuesday updates for Windows 11, addressing 63 vulnerabilities across various platforms, including Windows, Office, Microsoft Edge, Azure Monitor Agent, Dynamics 365, Hyper-V, and SQL Server. The update includes four critical and 59 important vulnerabilities, with one currently being exploited. Key vulnerabilities fixed include: - CVE-2025-62215: A privilege escalation vulnerability in the Windows Kernel. - CVE-2025-60724: A critical heap-based buffer overflow in the Microsoft Graphics Component (GDI+) enabling remote code execution, rated CVSS 9.8. - CVE-2025-60704: A high-severity vulnerability in Windows Kerberos, rated CVSS 7.5. - CVE-2025-62220: A heap-based buffer overflow in the Windows Subsystem for Linux GUI (WSLg), rated CVSS 8.8. - CVE-2025-60719: An untrusted pointer dereference in the Windows Ancillary Function Driver for WinSock. The update enhances features for Windows 11 versions 25H2 and 24H2, improving Click to Do, File Explorer, Voice Access, and Windows Search for Copilot+ devices. The taskbar has been updated with a new battery icon, and the Start Menu has been redesigned to include a scrollable All section. A preview of the Administrator Protection feature has been introduced to prevent unauthorized changes. Additionally, Microsoft released KB5068781 for Windows 10 Extended Security Updates, fixing an incorrect “end of support” message and addressing the same 63 vulnerabilities. Organizations are advised to conduct thorough testing before deploying the patches and to back up systems to mitigate potential issues.

Winsage

November 12, 2025

Microsoft November 2025 Patch Tuesday fixes 1 zero-day, 63 flaws

Microsoft's November 2025 Patch Tuesday addresses a total of 63 vulnerabilities, including one actively exploited zero-day flaw (CVE-2025-62215) related to Windows Kernel Elevation of Privilege. The updates include four vulnerabilities classified as "Critical," with two for remote code execution, one for elevation of privileges, and one for information disclosure. The breakdown of vulnerabilities is as follows: - 29 Elevation of Privilege Vulnerabilities - 2 Security Feature Bypass Vulnerabilities - 16 Remote Code Execution Vulnerabilities - 11 Information Disclosure Vulnerabilities - 3 Denial of Service Vulnerabilities - 2 Spoofing Vulnerabilities This Patch Tuesday marks the first extended security update (ESU) for Windows 10, and users are encouraged to upgrade to Windows 11 or enroll in the ESU program. Microsoft has also released an out-of-band update to assist with enrollment issues. Other companies, including Adobe, Cisco, and Google, have also issued security updates in November 2025.

Winsage

November 3, 2025

Windows Graphics Vulnerabilities Allow Remote Attackers to Execute Arbitrary Code

Multiple vulnerabilities have been identified in Microsoft’s Graphics Device Interface (GDI), particularly related to Enhanced Metafile (EMF) formats, allowing potential remote code execution and information exfiltration. Key vulnerabilities include: - CVE-2025-30388: Rated Important with a CVSS score of 8.8, it involves out-of-bounds memory operations during processing of records, affecting Windows 10/11 and Office for Mac/Android. It allows attackers to read or write beyond allocated heap buffers. - CVE-2025-53766: Rated Critical with a CVSS score of 9.8, it permits remote code execution through out-of-bounds writes in the ScanOperation::AlphaDivide_sRGB function, affecting Windows 10/11 without requiring privileges. - CVE-2025-47984: Rated Important with a CVSS score of 7.5, it exploits a flaw in handling EMR_STARTDOC records, leading to information disclosure by exposing adjacent heap memory. Microsoft has released patches to address these vulnerabilities, and users are advised to apply them promptly. Recommendations include disabling EMF rendering in untrusted contexts and using sandboxed viewers for document access.

Winsage

November 3, 2025

New Windows Graphics Vulnerabilities Expose Systems to Remote Code Execution Risks

Check Point Research (CPR) identified three vulnerabilities in Microsoft’s Graphics Device Interface (GDI): 1. CVE-2025-30388: Inadequate validation of clipping rectangles in EMF+ files can lead to heap corruption in GdiPlus.dll, allowing potential remote code execution. Microsoft patched this in May 2025 with version 10.0.26100.4061. 2. CVE-2025-53766: A critical flaw in GdiPlus.dll allows remote code execution without user interaction due to unallocated memory writes triggered by malformed EmfPlusDrawRects records. Microsoft addressed this in August 2025 with version 10.0.26100.4946. 3. CVE-2025-47984: This vulnerability, related to an earlier issue, involves improper handling of EMR_STARTDOC records in gdi32full.dll, leading to information disclosure. Microsoft fixed this in July 2025 with version 10.0.26100.4652. Microsoft released patches for these vulnerabilities during its Patch Tuesday updates in May, July, and August of 2025.