Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mskbMicrosoftKB3157569
HistoryJun 14, 2016 - 7:00 a.m.

MS16-080: Description of the security update for Windows PDF: June 14, 2016

2016-06-1407:00:00
Microsoft
support.microsoft.com
16

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.4 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.937 High

EPSS

Percentile

99.1%

JSON

MS16-080: Description of the security update for Windows PDF: June 14, 2016

Summary

This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted .pdf file. An attacker who successfully exploited the vulnerabilities could cause arbitrary code to execute in the context of the current user. However, an attacker would have no way to force a user to open a specially crafted .pdf file.

To learn more about the vulnerability, see Microsoft Security Bulletin MS16-080.

More Information

Important

  • All future security and non-security updates for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 require update 2919355 to be installed. We recommend that you install update 2919355 on your Windows RT 8.1-based, Windows 8.1-based, or Windows Server 2012 R2-based computer so that you receive future updates.
  • If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.

How to obtain and install the update

Method 1: Windows Update

This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see
Get security updates automatically.

Note For Windows RT 8.1, this update is available through Windows Update only.

__

Method 2: Microsoft Download Center

You can obtain the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.

Click the download link in Microsoft Security Bulletin MS16-080 that corresponds to the version of Windows that you are running.

More Information

__

How to obtain help and support for this security update

Help for installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help for protecting your Windows-based computer from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support

File Information

__

File hash information

File name SHA1 hash SHA256 hash
Windows8.1-KB3157569-x86.msu 7A54DAA038C8BA45C9D9C85C1C9FFDE9AC4AF39A 5AFD55D2B9C02EDCF3DE79768CA5CCB26999BD5AEE60BC57F8A0DABCA77D2C37
Windows8.1-KB3157569-arm.msu 0653868F5E22F4A92ED8BD8103788A60DD34704A 976E728A3CB61FEEFB28CE21915244486A5CCA69095229BB71C7D6EA4C9EDEC8
Windows8-RT-KB3157569-x64.msu 6F20DEAD297A1E6AD98894400DBE442B123ABF46 27ADF9E0CD642C89E8B1B0B0B54CD12FAC70D5694EC257B89EA3D980C1A02B9E
Windows8.1-KB3157569-x64.msu 6ECE495790D4B4AF4F8089E41A835ED4DA1DF34C 2615FDAD53DDCE2D19944B0D30D44E81D7393CF107421872824ABDFED7A02304

__

File information

The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). Be aware that dates and times for these files on your local computer are displayed in your local time and with your current daylight saving time bias. The dates and times may also change when you perform certain operations on the files.Windows 8.1, Windows RT 8.1 and Windows Server 2012 R2 file informationNotes

* The files that apply to a specific product, milestone (RTM, SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:Version Product Milestone Service branch
6.3.960 0.16xxx Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 RTM GDR
6.3.960 0.17xxx Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 RTM GDR
6.3.960 0.18xxx Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 RTM GDR

  • GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.

  • The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.
    For all supported x86-based versionsFile name| File version| File size| Date| Time| Platform
    —|—|—|—|—|—
    Windows.data.pdf.dll| 6.3.9600.18336| 5,265,920| 09-May-2016| 20:23| x86
    Glcndfilter.dll| 6.3.9600.18336| 5,270,016| 09-May-2016| 20:56| x86
    For all supported ARM-based versionsFile name| File version| File size| Date| Time| Platform
    —|—|—|—|—|—
    Windows.data.pdf.dll| 6.3.9600.18336| 5,611,008| 09-May-2016| 20:19| Not applicable
    Glcndfilter.dll| 6.3.9600.18336| 5,309,952| 09-May-2016| 20:40| Not applicable
    For all supported x64-based versionsFile name| File version| File size| Date| Time| Platform
    —|—|—|—|—|—
    Windows.data.pdf.dll| 6.3.9600.18336| 7,793,152| 09-May-2016| 20:45| x64
    Glcndfilter.dll| 6.3.9600.18336| 7,075,328| 09-May-2016| 21:35| x64
    Windows.data.pdf.dll| 6.3.9600.18336| 5,265,920| 09-May-2016| 20:23| x86
    Glcndfilter.dll| 6.3.9600.18336| 5,270,016| 09-May-2016| 20:56| x86
    Windows Server 2012 file informationNotes

  • The files that apply to a specific product, milestone (RTM, SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:Version| Product| Milestone| Service branch
    —|—|—|—
    6.2.920 0.17xxx| Windows 8, Windows RT, or Windows Server 2012| RTM| GDR
    6.2.920 0.21xxx| Windows 8, Windows RT, or Windows Server 2012| RTM| LDR

  • GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.

  • The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.
    For all supported x64-based versionsFile name| File version| File size| Date| Time| Platform
    —|—|—|—|—|—
    Glcndfilter.dll| 6.2.9200.21860| 11,462,144| 11-May-2016| 15:47| x64
    Glcndfilter.dll| 6.2.9200.21860| 8,552,448| 11-May-2016| 16:49| x86

Related

mscve 3
mskb 4
nessus 2
openvas 2
cve 3
prion 3
symantec 3
zdi 2
checkpoint_advisories 3
kaspersky 2
mscve
mscve
Windows PDF Information Disclosure Vulnerability
2016-06-14 07:00:00
Windows PDF Information Disclosure Vulnerability
2016-06-14 07:00:00
Windows PDF Remote Code Execution
2016-06-14 07:00:00
mskb
mskb
MS16-080: Security update for Microsoft Windows PDF: June 14, 2016
2016-06-14 00:00:00
MS16-068: Cumulative security update for Microsoft Edge: June 14, 2016
2016-06-14 00:00:00
Cumulative Update for Windows 10 version 1511 and Windows Server 2016 Technical Preview 4: June 14, 2016
2016-06-16 07:00:00
nessus
nessus
MS16-080: Security Update for Microsoft Windows PDF (3164302)
2016-06-14 00:00:00
MS16-068: Cumulative Security Update for Microsoft Edge (3163656)
2016-06-14 00:00:00
openvas
openvas
Microsoft Windows PDF Library Multiple Vulnerabilities (3164302)
2016-06-15 00:00:00
Microsoft Edge Multiple Vulnerabilities (3163656)
2016-06-15 00:00:00
cve
cve
CVE-2016-3215
2016-06-16 01:59:00
CVE-2016-3201
2016-06-16 01:59:00
CVE-2016-3203
2016-06-16 01:59:00
prion
prion
Information disclosure
2016-06-16 01:59:00
Information disclosure
2016-06-16 01:59:00
Remote code execution
2016-06-16 01:59:00
symantec
symantec
Microsoft Windows PDF Library CVE-2016-3203 Remote Code Execution Vulnerability
2016-06-14 00:00:00
Microsoft Windows PDF Library CVE-2016-3201 Information Disclosure Vulnerability
2016-06-14 00:00:00
Microsoft Windows PDF Library CVE-2016-3215 Information Disclosure Vulnerability
2016-06-14 00:00:00
zdi
zdi
Microsoft Windows PDF Library AES Encryption Out-Of-Bounds Read Information Disclosure Vulnerability
2016-06-22 00:00:00
Microsoft Windows PDF Library JPEG2000 COD Out-Of-Bounds Read Information Disclosure Vulnerability
2016-06-22 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows PDF Library Information Disclosure (MS16-080: CVE-2016-3215)
2016-06-14 00:00:00
Microsoft Windows PDF Library Information Disclosure (MS16-080: CVE-2016-3201)
2016-06-14 00:00:00
Microsoft Windows PDF Library Remote Code Execution (MS16-080: CVE-2016-3203; CVE-2016-3370)
2016-09-13 00:00:00
kaspersky
kaspersky
KLA10829 Multiple vulnerabilities in Microsoft Edge and Internet Explorer
2016-06-14 00:00:00
KLA10825 Multiple vulnerabilities in Microsoft Windows
2016-06-14 00:00:00

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.4 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.937 High

EPSS

Percentile

99.1%

JSON
Related for KB3157569
mscve3mskb4nessus2openvas2cve3prion3symantec3zdi2checkpoint_advisories3kaspersky2