CVE-2016-3312

Name of the Vulnerable Software and Affected Versions Microsoft Windows 10 versions Gold and 1511

Description The issue is related to the ActiveSyncProvider in Microsoft Windows, which fails to properly secure service data. This allows attackers to discover credentials by leveraging a failure of Universal Outlook to obtain a secure connection. The vulnerability can be exploited by a remote attacker to disclose accounts.

Recommendations For Microsoft Windows 10 versions Gold and 1511, update to a version that includes the fix for the Universal Outlook Information Disclosure issue. As a temporary workaround, consider restricting access to sensitive information until a patch is available.