CVE-2016-7210

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to the fixed version

Description The issue allows remote attackers to obtain sensitive information from process memory via a crafted Open Type font on a web site. It is also related to insufficient access control in the Windows operating system, which can be exploited by a remote attacker to execute arbitrary code using a specially crafted image.

Recommendations For Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016, update to a version that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.