Vulnerability discovered by Aleksandar Nikolic of Cisco Talos. Microsoft releases monthly set of security bulletins and patches for current supported products. Two of the bulletins in yesterday’s release are rated critical and address CVE-2016-3319, a arbitrary code execution vulnerability in Microsoft Edge and in the Windows PDF library. A user who opens a specifically crafted PDF file on a vulnerable system could result in the system executing arbitrary code of an attacker’s choosing. A workaround is available that can reduce the risk of compromise for Windows 10 based PCs where Edge is the default browser.”]
Source: https://blog.talosintelligence.com/2016/08/ms-pdf-vulnerability.html