
Remote Code Execution in Windows from Malformed Images - dijit
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8475
======
dijit
> CVE-2018-8475 is a remote code execution vulnerability in Windows OS, which
> exists due to the image-loading functionality improperly handling malformed
> image files. An attacker could exploit this bug by convincing a user to load
> a malformed image file from either a web page, email or other method

So, it affects web-browsing too. But I assume with the Edge/IE Browsers and
not Chrome/Firefox. (it's dangerous to assume, I know)

