Vulnerability Protection

Vulnerability in Windows PDF Library Could Allow Remote Code Execution

Details

Report ID:

MS20170304

Date Published:

15 March 2017

Date Revised:

Criticality:

Critical

Compromise Type:

Remote code execution

Compromise From:

Remote

Affected Product/Component:

Windows 8.1
Windows Server 2012 and Windows Server 2012 R2
Windows RT 8.1
Windows 10
Windows Server 2016

Summary

Microsoft Windows PDF Library was affected by a vulnerability that could be exploited into allowing remote code execution. 

Detailed Description

Microsoft Windows PDF Library was affected by a vulnerability that exists due to improper handling of objects in memory. An attacker who successfully exploited this vulnerability could be able to execute arbitrary code and take control of an affected system. This issue has been resolved in the latest security patch which introduced applicable modification. 

CVE Reference

CVE-2017-0023

Solution

Install the latest security patch for applicable system, available for download from https://technet.microsoft.com/en-us/library/security/ms17-009

Source

Microsoft Security Bulletin MS17-009