Multiple vulnerabilities in Microsoft Graphics Component

Описание

Multiple serious vulnerabilities have been found in Microsoft Graphics Component as used in multiple Microsoft products. Malicious users can exploit these vulnerabilities to execute arbitrary code or gain privileges.

Below is a complete list of vulnerabilities

1. An improper memory objects handling at Windows kernel-mode driver can be exploited by logged in attacker via a specially designed application to gain privileges;
2. An improper handling of embedded fonts can be exploited remotely via a specially designed content to execute arbitrary code.

---

Technical details

Vulnerability (1) when exploited allows user gain system privileges;

Первичный источник обнаружения

• CVE-2016-0143
  CVE-2016-0145
  CVE-2016-0165
  CVE-2016-0167
  

Эксплуатация

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• Microsoft-.NET-Framework
• Microsoft-Lync
• Microsoft-Office
• Microsoft-Windows-Vista-2
• Microsoft-Windows-Server-2012
• Microsoft-Windows-8
• Microsoft-Windows-7
• Microsoft-Windows-Server-2008
• Windows-RT
• Microsoft-Windows-10

Список CVE

• CVE-2016-0143
  critical
• CVE-2016-0145
  critical
• CVE-2016-0165
  critical
• CVE-2016-0167
  critical

Список KB

• 3147461
• 3147458
• 3145739
• 3114960
• 3114985
• 3114566
• 3144429
• 3114944
• 3144432
• 3144427
• 3144428
• 3114542
• 3144431
• 3142045
• 3142042
• 3142043
• 3142041
• 3148522

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com