Endpoint Vulnerability

Microsoft: Windows PDF Remote Code Execution Vulnerability

Description

A remote code execution vulnerability exists in Microsoft Windows, Microsoft Word 2013 and Microsoft Word 2016 if a user opens a specially crafted PDF file. An attacker who successfully exploited the vulnerability could cause arbitrary code to execute in the context of the current user.

Affected Products

Microsoft Word 2013 RT Service Pack 1,Microsoft Word 2013 Service Pack 1 (32-bit editions),Microsoft Word 2013 Service Pack 1 (64-bit editions),Microsoft Word 2016 x64,Microsoft Word 2016 x86,Windows 10,Windows 8,Windows RT 8.1,Windows Server 2012,Windows Server 2016

References

CVE-2017-0292,