{"@odata.context":"https://api.msrc.microsoft.com/sug/v2.0/sugodata/v2.0/en-US/$metadata#vulnerability/$entity","id":"00000000-0000-0000-0000-0000495f1159","releaseDate":"2026-06-09T07:00:00-07:00","cveNumber":"CVE-2026-44812","cveTitle":"Windows Graphics Component Remote Code Execution Vulnerability","releaseNumber":"2026-Jun","vulnType":"Security Vulnerability","latestRevisionDate":"2026-06-19T07:00:00-07:00","description":"<p>Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.</p>\n","cweList":["CWE-190: Integer Overflow or Wraparound"],"cweDetailsListForSearch":["cwe: CWE-190: Integer Overflow or Wraparound","cweUrl: https://cwe.mitre.org/data/definitions/190.html"],"unformattedDescription":"Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.","mitreText":"CVE-2026-44812","mitreUrl":"https://www.cve.org/CVERecord?id=CVE-2026-44812","publiclyDisclosed":"No","exploited":"No","latestSoftwareReleaseId":1,"latestSoftwareRelease":"Exploitation More Likely","olderSoftwareReleaseId":0,"denialOfService":"N/A","tag":"Windows Win32K - GRFX","issuingCna":"Microsoft","issuingCnaId":100000001,"severityId":100000000,"severity":"Critical","impactId":100000005,"impact":"Remote Code Execution","langCode":"en-US","baseScore":"7.8","temporalScore":"6.8","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","vectorStringSource":"Microsoft","isMariner":false,"customerActionRequired":true,"customerActionRequiredId":1,"cweDetailsList":[{"keys":["cwe","cweUrl"],"values":["CWE-190: Integer Overflow or Wraparound","https://cwe.mitre.org/data/definitions/190.html"]}],"articles":[{"articleType":"FAQ","description":"<p><strong>According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?</strong></p>\n<p>Successful exploitation of this vulnerability requires the user to view a specially crafted file in the Windows File Explorer Preview Pane or open said file.</p>\n","ordinal":10000},{"articleType":"FAQ","description":"<p><strong>Are the updates for Microsoft Word, PowerPoint, Excel for Android currently available?</strong></p>\n<p>Yes. As of June 15, 2026, the security update for Microsoft Word, PowerPoint, Excel for Android are available. Customers running Microsoft Word, PowerPoint, Excel for Android should ensure the update is installed to be protected from this vulnerability.</p>\n","ordinal":10000},{"title":"Windows Win32K - GRFX Remote Code Execution Vulnerability","articleType":"100000000","description":"<p>Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.</p>\n","ordinal":10000},{"articleType":"FAQ","description":"<p><strong>According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?</strong></p>\n<p>The word <strong>Remote</strong> in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.</p>\n","ordinal":10000}],"revisions":[{"cveNumber":"CVE-2026-44812","version":2,"revisionDate":"2026-06-19T07:00:00-07:00","initialDate":"0001-01-01T00:00:00Z","description":"<p>Microsoft is announcing the availability of the security updates for Microsoft Word, PowerPoint, Excel for Android. Customers running affected Microsoft Office for Android software should install the update for their product to be protected from this vulnerability.</p>\n","unformattedDescription":"Microsoft is announcing the availability of the security updates for Microsoft Word, PowerPoint, Excel for Android. Customers running affected Microsoft Office for Android software should install the update for their product to be protected from this vulnerability.","notificationNeeded":true,"notificationSent":true,"sourceId":"5369c4d2-136c-f111-93a1-000d3ac5fb71"},{"cveNumber":"CVE-2026-44812","version":1,"revisionDate":"2026-06-09T07:00:00-07:00","initialDate":"0001-01-01T00:00:00Z","description":"<p>Information published.</p>\n","unformattedDescription":"Information published.","notificationNeeded":false,"notificationSent":false,"sourceId":"adecaa64-1c4e-f111-8d47-00224878786f"}]}