Description
Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code or gain privileges.
Below is a complete list of vulnerabilities
- An improper input validation can be exploited by logged in attacker via a specially designed application to execute arbitrary code;
- An improper OpenType fonts handling at Windows Adobe Type Manager Library can be exploited remotely via a specially designed content to cause denial of service or execute arbitrary code;
- An improper resources handling at media library can be exploited remotely via a specially designed media content to execute arbitrary code;
- An improper .pdf parsing can be exploited remotely via a specially designed pdf file to execute arbitrary code;
- An improper input validation at OLE can be exploited remotely via a specially designed file, application or content to execute arbitrary code;
- An improper memory handlers sanitization can be exploited by logged in attacker to gain privileges;
- An improper request handling at Secondary Logon Service can be exploited by logged in attacker via a specially designed application to gain privileges;
- An improper memory objects validation at USB Mass Storage Class can be exploited by attacker with physical access via a specially designed USB device to gain privileges;
- An improper memory objects handling at Windows kernel-mode can be exploited by logged in attacker via a specially designed application to cause denial of service.
Technical details
Vulnerability (2) can be mitigated by renaming ATMFD.DLL and optionally (Fir Windows 8 and later OS) disabling ATMFD via registry. For further instructions you can navigate to MS16-026 listed in original advisories section.
Original advisories
- CVE-2016-0095
- CVE-2016-0121
- CVE-2016-0120
- CVE-2016-0118
- CVE-2016-0087
- CVE-2016-0091
- CVE-2016-0092
- CVE-2016-0093
- CVE-2016-0098
- CVE-2016-0096
- CVE-2016-0100
- CVE-2016-0099
- CVE-2016-0101
- CVE-2016-0133
- CVE-2016-0117
Exploitation
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Related products
- Microsoft-Windows-Vista-4
- Microsoft-Windows-Server-2012
- Microsoft-Windows-8
- Microsoft-Windows-7
- Microsoft-Windows-Server-2008
- Windows-RT
- Microsoft-Windows-10
CVE list
- CVE-2016-0094 critical
- CVE-2016-0095 critical
- CVE-2016-0121 critical
- CVE-2016-0120 high
- CVE-2016-0118 critical
- CVE-2016-0087 critical
- CVE-2016-0091 critical
- CVE-2016-0092 critical
- CVE-2016-0093 critical
- CVE-2016-0098 critical
- CVE-2016-0096 critical
- CVE-2016-0100 critical
- CVE-2016-0099 critical
- CVE-2016-0101 critical
- CVE-2016-0133 high
- CVE-2016-0117 critical
KB list
- 3140768
- 3140745
- 3139398
- 3139940
- 3140709
- 3143136
- 3138962
- 3139914
- 3140735
- 3143145
- 3143146
- 3140410
- 3143141
- 3143142
- 3143081
- 3139852
- 3137513
- 3143148
- 3138910
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com