<< Back
CVE Number Vulnerability Product Severity Date
MS16-132 Security Update for Microsoft Graphics Component (3199120) WindowsVistax64EditionServicePack2 Critical 09-11-2016

Technical Information

Brief overview of the risk:
This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow a remote code execution. The vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts.

Detailed Information on the risk:

An information disclosure vulnerability exists when the ATMFD component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the userÆs system.
There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The update addresses the vulnerability by correcting how the ATMFD component handle objects in memory.

Further information on this exploit is available at : MS16-132

WindowsVistax64EditionServicePack2
WindowsVistaServicePack2
WindowsServer2016forx64-basedSystems
WindowsServer2012R2(ServerCoreinstallation)
WindowsServer2012andWindowsServer2012R2
WindowsServer2012(ServerCoreinstallation)
WindowsServer2008R2forx64-basedSystemsServicePack1(ServerCoreinstallation)
WindowsServer2008R2forx64-basedSystemsServicePack1
WindowsServer2008forx64-basedSystemsServicePack2(ServerCoreinstallation)
WindowsServer2008forx64-basedSystemsServicePack2
WindowsServer2008forItanium-basedSystemsServicePack2
WindowsServer2008for32-bitSystemsServicePack2(ServerCoreinstallation)
WindowsServer2008for32-bitSystemsServicePack2
WindowsRT8.1[1]
Windows8.1forx64-basedSystems
Windows8.1for32-bitSystems
Windows8.1
Windows7forx64-basedSystemsServicePack1
Windows7for32-bitSystemsServicePack1
Windows10Version1607forx64-basedSystems
Windows10Version1607for32-bitSystems
Windows10Version1511forx64-basedSystems
Windows10Version1511for32-bitSystems
Windows10forx64-basedSystems
Windows10for32-bitSystems

Affected Software

WindowsVistax64EditionServicePack2
WindowsVistaServicePack2
WindowsServer2016forx64-basedSystems
WindowsServer2012R2(ServerCoreinstallation)
WindowsServer2012andWindowsServer2012R2
WindowsServer2012(ServerCoreinstallation)
WindowsServer2008R2forx64-basedSystemsServicePack1(ServerCoreinstallation)
WindowsServer2008R2forx64-basedSystemsServicePack1
WindowsServer2008forx64-basedSystemsServicePack2(ServerCoreinstallation)
WindowsServer2008forx64-basedSystemsServicePack2
WindowsServer2008forItanium-basedSystemsServicePack2
WindowsServer2008for32-bitSystemsServicePack2(ServerCoreinstallation)
WindowsServer2008for32-bitSystemsServicePack2
WindowsRT8.1[1]
Windows8.1forx64-basedSystems
Windows8.1for32-bitSystems
Windows8.1
Windows7forx64-basedSystemsServicePack1
Windows7for32-bitSystemsServicePack1
Windows10Version1607forx64-basedSystems
Windows10Version1607for32-bitSystems
Windows10Version1511forx64-basedSystems
Windows10Version1511for32-bitSystems
Windows10forx64-basedSystems
Windows10for32-bitSystems