Endpoint Vulnerability

Microsoft: Windows Remote Code Execution Vulnerability

Description

A remote code execution vulnerability exists when Windows image file loading functionality does not properly handle malformed image files. An attacker who successfully exploited the vulnerability could execute arbitrary code. To exploit the vulnerability, an attacker would have to convince a user to load a malformed image file from either a webpage or an email message. The update addresses the vulnerability by helping to ensure that image files contents are properly validated.

Affected Products

Windows RT 8.1,Windows Vista x64 Edition Service Pack 2,Windows Server 2016,Windows Server 2012,Windows 8,Windows 7,Windows 10,Windows Server 2008,Windows Vista Service Pack 2

References

CVE-2016-7212,