| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| MS16-012 | Security Update for Microsoft Windows PDF Library to Address Remote Code Execution (3138938) | Windows 8.1 | Critical | 10-02-2016 |
Technical Information
Brief overview of the risk:
This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if Microsoft Windows PDF Library improperly handles application programming interface (API) calls, which could allow an attacker to run arbitrary code on the userÆs system. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user.
Detailed Information on the risk:
A remote code execution vulnerability exists in Microsoft Windows when a specially crafted file is opened in Windows Reader. An attacker who successfully exploited this vulnerability could cause arbitrary code to execute in the context of the current user. If a user is logged on with administrative user rights, an attacker could take control of the affected system.
Windows 8.1 for 32-bit Systems Further information on this exploit is available at : MS16-012
Windows 8.1 for x64-based Systems
Windows Server 2012
Windows Server 2012 R2
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows Server 2012 R2 (Server Core installation)
Affected Software
Windows 8.1 for 32-bit SystemsWindows 8.1 for x64-based Systems
Windows Server 2012
Windows Server 2012 R2
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows Server 2012 R2 (Server Core installation)