A micropatch fixing a remote code execution (RCE) vulnerability in the Windows Graphics Device Interface (GDI+) is now available through the 0patch platform for Windows 7 and Server 2008 R2 users.
The patch is available for
0Patch users with PRO accounts with fully updated Windows 7 or Server 2008 R2 devices who haven't yet enrolled in Microsoft's Extended Security Updates (ESU) service (
1,
2).
At the moment, only organizations with volume-licensing agreements or small-and-midsize businesses can get an ESU license until January 2023.
"All others have an official update available from Microsoft," as 0patch co-founder Mitja Kolsek told BleepingComputer. "If it turns out that many users on supported versions can't apply the official March update (e.g., functional problems), we'll port it for them too."
