Beschreibung
Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, gain privileges or obtain sensitive information.
Below is a complete list of vulnerabilities
- Lack of print driver validation restrictions at Windows Print Spooler can be exploited from adjacent network via man-in-the-middle attack or spoofing printer to execute arbitrary code;
- Lack of filesystem writing restrictions at Windows Print Spooler can be exploited by logged in attacker via a specially designed application to gain privileges;
- An improper memory objects handling at Windows Kernel Mode can be exploited by logged in attacker via a specially designed application to obtain sensitive information, gain privileges;
- Lack of memory information disclosure restrictions at Windows GDI can be exploited by logged in attacker via a specially designed application to obtain sensitive information;
- An unknown vulnerability at Windows Kernel can be exploited by logged in attacker to bypass security restrictions;
- An improper page fault calls handling can be exploited by logged in attacker via a specially designed application to obtain sensitive information;
- An improper policy handling can be exploited locally or by administer-rights attacker via a policy manipulations to bypass security restrictions.
Technical details
To mitigate (1) vulnerability you can change Point and Print Restrictions policies to enable users to print only to specific trusted print servers. More detailed information about this mitigation could be found at MS16-087 advisory, listed in original advisories section.
To mitigate (7) vulnerability you can configure BitLocker to use TPM+PIN protection or disable Secure Boot integrity protection of BitLocker. More detailed information about these mitigations could be found at MS16-094 advisory listed in original advisories section.
Ursprüngliche Informationshinweise
- CVE-2016-3239
- CVE-2016-3249
- CVE-2016-3287
- CVE-2016-3258
- CVE-2016-3256
- CVE-2016-3254
- CVE-2016-3286
- CVE-2016-3252
- CVE-2016-3250
- CVE-2016-3251
CVE Liste
- CVE-2016-3238 critical
- CVE-2016-3239 critical
- CVE-2016-3249 critical
- CVE-2016-3287 critical
- CVE-2016-3258 critical
- CVE-2016-3256 critical
- CVE-2016-3254 critical
- CVE-2016-3286 critical
- CVE-2016-3252 critical
- CVE-2016-3250 critical
- CVE-2016-3251 critical
KB Liste
- 3172985
- 3170377
- 3163912
- 3170455
- 3168965
- 3172727
- 4038782
- 4038786
- 4038783
- 4038792
- 4038799
- 4038793
- 4038781
- 4038779
- 4038777
Mehr erfahren
Informieren Sie sich über die Statistiken der in Ihrer Region verbreiteten Sicherheitslücken statistics.securelist.com