CVE-2020-0883: 
vulnerability analysis and mitigation

A remote code execution vulnerability (CVE-2020-0883) exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory. This vulnerability was disclosed on March 12, 2020, and affects various versions of Microsoft Windows operating systems (NVD, MITRE).

The vulnerability has been assigned a CVSS v3.1 Base Score of 8.8 (HIGH) with the following vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. This indicates that the vulnerability can be exploited remotely, requires low attack complexity, needs no privileges, but does require user interaction. The potential impact includes high levels of compromise to confidentiality, integrity, and availability of the affected system (NVD).

If successfully exploited, this vulnerability could allow an attacker to execute arbitrary code on the target system with the same privileges as the current user. Users with administrative privileges would be more severely impacted than those with limited rights (NVD).

Microsoft has released security updates to address this vulnerability across multiple versions of Windows, including Windows 10, Windows Server 2016, Windows Server 2019, and older versions. Users are advised to apply the appropriate security updates for their systems (Rapid7).