Intrusion Prevention

MS.Windows.GDI.Component.EMF.RLE8.Memory.Corruption

Description

This indicates an attack attempt to exploit a remote Code Execution vulnerability in Microsoft Windows.
The vulnerability is due to an error when the vulnerable software handles a maliciously crafted file. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application, via a crafted file.

Affected Products

Microsoft Live Meeting Console 2007
Microsoft Lync 2010
Microsoft Lync 2010 Attendee
Microsoft Lync 2013 Service Pack 1
Microsoft Office 2007 Service Pack 3
Microsoft Office 2010 Service Pack 2
Microsoft Skype for Business 2016
Microsoft Skype for Business Basic 2016
Microsoft Windows 7 Service Pack 1
Microsoft Windows 8.1
Microsoft Windows 10
Microsoft Windows 10 Version 1511
Microsoft Windows RT 8.1
Microsoft Windows Server 2008 R2 Service Pack 1
Microsoft Windows Server 2008 R2 Service Pack 1 (Server Core Installation)
Microsoft Windows Server 2008 Service Pack 2
Microsoft Windows Server 2008 Service Pack 2 (Server Core Installation)
Microsoft Windows Server 2012
Microsoft Windows Server 2012 (Server Core installation)
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2012 R2 (Server Core installation)
Microsoft Windows Vista Service Pack 2
Microsoft Word Viewer all versions (at the time of alert)

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

CVE References

CVE-2016-3262 CVE-2016-3301