PT-2017-18350 · Microsoft · Windows Server 2016 +6

Published 2017-06-13 · Updated 2019-10-03 · CVE-2017-8460

CVSS v3.1: 7.3 High

Vector: AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Windows versions prior to the fixed version
Windows 8.1
Windows Server 2012 Gold and R2
Windows RT 8.1
Windows 10 versions 1511, 1607, 1703
Windows Server 2016

Description

The issue allows information disclosure when a user opens a specially crafted PDF file. This can enable attackers to obtain sensitive information and potentially affect the system. The vulnerability is related to the JPEG2000 parsing in the Windows PDF Library, which can lead to an out-of-bounds read information disclosure.

Recommendations

For Windows 8.1, consider applying the recommended security update to resolve the issue. For Windows Server 2012 Gold and R2, apply the security patch to fix the vulnerability. For Windows RT 8.1, Windows 10 versions 1511, 1607, 1703, and Windows Server 2016, update to a version that includes the security fix for the Windows PDF Library. As a temporary workaround, consider restricting the opening of PDF files from untrusted sources until a patch is available.

Fix

Information Disclosure

Weakness Enumeration

Related Identifiers

CVE-2017-8460
ZDI-17-398

Affected Products

Windows
Windows 10
Windows 8.1
Windows PDF Library
Windows RT 8.1
Windows Server 2012
Windows Server 2016