CVE-2016-3203

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions 8.1, 10 Gold, and 10 1511 Microsoft Edge (affected versions not specified) Windows Server versions 2012 Gold and 2012 R2

Description The issue exists due to insufficient input validation in Microsoft Windows and the Microsoft Edge browser. This allows a remote attacker to execute arbitrary code using a specially crafted PDF document. The vulnerability can be exploited if a user opens a malicious .pdf file, potentially leading to arbitrary code execution in the context of the current user.

Recommendations For Microsoft Windows versions 8.1, 10 Gold, and 10 1511, update to a version that includes the fix for this issue. For Microsoft Edge, consider disabling the handling of PDF documents until a patch is available. For Windows Server versions 2012 Gold and 2012 R2, apply the recommended security updates to resolve the issue. As a temporary workaround, consider restricting access to PDF documents from untrusted sources to minimize the risk of exploitation.