CVE-2016-3201

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions 8.1, 10 Gold, and 10 1511 Microsoft Edge Microsoft Windows Server versions 2012 Gold and 2012 R2

Description A issue allows remote attackers to obtain sensitive information from process memory via a crafted PDF document. Information disclosure occurs when a user opens a specially crafted .pdf file, potentially allowing an attacker to read information in the context of the current user.

Recommendations For Microsoft Windows versions 8.1, 10 Gold, and 10 1511, update to a version that includes the fix for this issue. For Microsoft Edge, update to a version that includes the fix for this issue. For Microsoft Windows Server versions 2012 Gold and 2012 R2, update to a version that includes the fix for this issue. As a temporary workaround, consider avoiding the use of Microsoft Edge to open PDF documents from untrusted sources until a patch is available. Restrict access to PDF files from untrusted sources to minimize the risk of exploitation.