CVE-2016-3215

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions 8.1, 10 1511 Microsoft Edge Microsoft Windows Server versions 2012 Gold and R2

Description The issue is related to a lack of protection for service data in Microsoft Windows and the Microsoft Edge browser. Exploitation of this issue may allow a remote attacker to obtain confidential information using a specially crafted PDF document. This can occur when a user opens a specially crafted .pdf file, potentially allowing an attacker to read information in the context of the current user.

Recommendations For Microsoft Windows versions 8.1, 10 1511, and Microsoft Windows Server versions 2012 Gold and R2, update to a version that includes the fix for this issue. For Microsoft Edge, update to a version that includes the fix for this issue. As a temporary workaround, consider avoiding the use of specially crafted PDF documents until a patch is available. Restrict access to sensitive information to minimize the risk of exploitation.