CVE-2016-0058

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions 8.1, 10, and Windows Server 2012 Gold and R2

Description The issue is caused by a buffer overflow in the PDF Library component, allowing remote attackers to execute arbitrary code via a crafted PDF document that triggers API calls. This could enable an attacker to run arbitrary code on the user's system, potentially gaining the same user rights as the current user. The impact may be less severe for customers with fewer user rights on the system.

Recommendations For Microsoft Windows 8.1, apply the necessary patch to fix the buffer overflow issue in the PDF Library. For Windows Server 2012 Gold and R2, update the PDF Library component to prevent exploitation. For Windows 10, ensure the latest security updates are installed to address the vulnerability. As a temporary workaround, consider restricting the use of the PDF Library until a patch is available.