CVE-2019-1143

Q: What is the severity of CVE-2019-1143?

CVE-2019-1143 has a CVSS score of 5.5 (MEDIUM). This Windows GDI vulnerability allows attackers to read sensitive memory contents, potentially exposing system information that could enable further attacks. It affects Windows users who open malicious documents or visit compromised websites. The vulnerability requires user interaction but doesn't require elevated privileges.

5.5 MEDIUM

📋 TL;DR

This Windows GDI vulnerability allows attackers to read sensitive memory contents, potentially exposing system information that could enable further attacks. It affects Windows users who open malicious documents or visit compromised websites. The vulnerability requires user interaction but doesn't require elevated privileges.

💻 Affected Systems

Products:

Windows 10
Windows Server 2016
Windows Server 2019

Versions: Multiple versions prior to August 2019 updates

Operating Systems: Windows

Default Config Vulnerable: ⚠️ Yes

Notes: Affects default installations of listed Windows versions

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attacker obtains sensitive system memory data that could lead to full system compromise through chained attacks

🟠

Likely Case

Information disclosure revealing system details that could facilitate targeted attacks

🟢

If Mitigated

Limited impact with proper patching and user awareness training

🌐 Internet-Facing: MEDIUM - Requires user interaction but can be triggered via web content

🏢 Internal Only: LOW - Requires user to open malicious documents, less likely in controlled environments

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires user interaction (opening document or visiting website)

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: August 2019 security updates

Vendor Advisory: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1143

Restart Required: Yes

Instructions:

1. Open Windows Update settings. 2. Check for updates. 3. Install August 2019 security updates. 4. Restart system if prompted.

🔧 Temporary Workarounds

Restrict document execution

windows

Configure Windows to open documents in protected view or sandboxed environments

Web content filtering

all

Block untrusted websites and restrict script execution in browsers

🧯 If You Can't Patch

Implement application whitelisting to prevent unauthorized document execution
Deploy enhanced monitoring for suspicious GDI process behavior

🔍 How to Verify

Check if Vulnerable:

Check Windows version and update history for August 2019 security updates

Check Version:

wmic os get caption,version,buildnumber

Verify Fix Applied:

Verify KB numbers from August 2019 security updates are installed

📡 Detection & Monitoring

Log Indicators:

Unusual GDI process crashes
Multiple document opens from untrusted sources

Network Indicators:

Downloads of suspicious document files
Connections to known malicious domains

SIEM Query:

EventID=1000 AND Source='Application Error' AND ProcessName LIKE '%gdi%'

📊 Metadata

CVE ID: CVE-2019-1143

CVSS v3 Score: 5.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE: CWE-200

Published: August 14, 2019

Last Updated: February 20, 2026

🔗 References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1143 Patch,Vendor Advisory
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1143 Patch,Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Windows 10 by Microsoft

Windows 10 by Microsoft

Windows 10 by Microsoft

Windows 10 by Microsoft

Windows 10 by Microsoft

Windows 10 by Microsoft

Windows 10 by Microsoft

Windows 7 by Microsoft

Windows 8.1 by Microsoft

Windows Rt 8.1 by Microsoft

Windows Server 2008 by Microsoft

Windows Server 2008 by Microsoft

Windows Server 2008 by Microsoft

Windows Server 2012 by Microsoft

Windows Server 2012 by Microsoft

Windows Server 2016 by Microsoft

Windows Server 2016 by Microsoft

Windows Server 2016 by Microsoft

Windows Server 2019 by Microsoft

⚠️ Risk & Real-World Impact

Worst Case

Likely Case

If Mitigated

🎯 Exploit Status

🛠️ Fix & Mitigation

✅ Official Fix

Instructions:

🔧 Temporary Workarounds

Restrict document execution

Web content filtering

🧯 If You Can't Patch

🔍 How to Verify

Check if Vulnerable:

Check Version:

Verify Fix Applied:

📡 Detection & Monitoring

Log Indicators:

Network Indicators:

SIEM Query:

📊 Metadata

🔗 References

📤 Share & Export

🔗 Related Vulnerabilities