CVE-2016-0184

Name of the Vulnerable Software and Affected Versions Microsoft Windows Vista SP2 Microsoft Windows Server 2008 SP2 and R2 SP1 Microsoft Windows 7 SP1 Microsoft Windows 8.1 Microsoft Windows Server 2012 Gold and R2 Microsoft Windows RT 8.1 Microsoft Windows 10 Gold and 1511

Description The issue is related to a use-after-free vulnerability in the GDI component of the Windows operating system. This vulnerability can be exploited by remote attackers to execute arbitrary code via a crafted document. The exploitation of this vulnerability may allow a remote attacker to execute arbitrary code.

Recommendations For Microsoft Windows Vista SP2, update to a newer version to mitigate the risk. For Microsoft Windows Server 2008 SP2 and R2 SP1, update to a newer version to mitigate the risk. For Microsoft Windows 7 SP1, update to a newer version to mitigate the risk. For Microsoft Windows 8.1, update to a newer version to mitigate the risk. For Microsoft Windows Server 2012 Gold and R2, update to a newer version to mitigate the risk. For Microsoft Windows RT 8.1, update to a newer version to mitigate the risk. For Microsoft Windows 10 Gold and 1511, update to a newer version to mitigate the risk. As a temporary workaround, consider restricting the use of crafted documents until a patch is available.