Multiple vulnerabilities in Microsoft Windows

Описание

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, gain privileges, obtain sensitive information.

Below is a complete list of vulnerabilities:

1. A remote code execution vulnerability in Windows Media Center can be exploited remotely via specially crafted to execute arbitrary code.
2. A memory corruption vulnerability in Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
3. Security bypass vulnerability in Windows can be exploited remotely via specially crafted application to bypass security restrictions.
4. An elevation of privilege vulnerability in Microsoft DirectX Graphics Kernel Subsystem can be exploited remotely via specially crafted application to gain privileges.
5. An elevation of privilege vulnerability in Win32k can be exploited remotely via specially crafted application to gain privileges.
6. A memory corruption vulnerability in Windows Imaging Component can be exploited remotely via specially crafted website to execute arbitrary code.
7. A remote code execution vulnerability in Windows DLL Loading can be exploited remotely to execute arbitrary code.
8. An information disclosure vulnerability in Windows Graphics Component can be exploited remotely via specially crafted document to obtain sensitive information.
9. An elevation of privilege vulnerability in DirectX can be exploited remotely via specially crafted application to gain privileges.
10. An information disclosure vulnerability in Win32k can be exploited remotely via specially crafted application to obtain sensitive information.
11. An elevation of privilege vulnerability in Windows Kernel can be exploited remotely via specially crafted application to gain privileges.
12. A remote code execution vulnerability in Windows Graphics Component can be exploited remotely via specially crafted website to execute arbitrary code.
13. An information disclosure vulnerability in Remote Desktop Protocol Drive Redirection can be exploited remotely to obtain sensitive information.
14. Use-after-free vulnerability in GDI can be exploited remotely via specially crafted website to execute arbitrary code.
15. A memory corruption vulnerability in Windows Journal can be exploited remotely via specially crafted to execute arbitrary code.
16. A remote code execution vulnerability in RPC Network Data Representation Engine can be exploited remotely via specially crafted to execute arbitrary code.
17. A remote code execution vulnerability in Windows Shell can be exploited remotely via specially crafted content to execute arbitrary code.

Первичный источник обнаружения

• CVE-2016-0185
  CVE-2016-0189
  CVE-2016-0181
  CVE-2016-0197
  CVE-2016-0196
  CVE-2016-0195
  CVE-2016-0152
  CVE-2016-0168
  CVE-2016-0176
  CVE-2016-0174
  CVE-2016-0175
  CVE-2016-0180
  CVE-2016-0173
  CVE-2016-0170
  CVE-2016-0171
  CVE-2016-0190
  CVE-2016-0184
  CVE-2016-0169
  CVE-2016-0182
  CVE-2016-0178
  CVE-2016-0179
  

Эксплуатация

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• Microsoft-Windows
• Microsoft-Windows-Server
• Microsoft-Windows-Vista-2
• Microsoft-Windows-Server-2012
• Microsoft-Windows-8
• Microsoft-Windows-7
• Microsoft-Windows-Server-2008
• Windows-RT
• Microsoft-Windows-10

Список CVE

• CVE-2016-0185
  critical
• CVE-2016-0189
  critical
• CVE-2016-0181
  high
• CVE-2016-0197
  critical
• CVE-2016-0196
  critical
• CVE-2016-0195
  critical
• CVE-2016-0152
  critical
• CVE-2016-0168
  high
• CVE-2016-0176
  critical
• CVE-2016-0174
  critical
• CVE-2016-0175
  warning
• CVE-2016-0180
  critical
• CVE-2016-0173
  critical
• CVE-2016-0170
  critical
• CVE-2016-0171
  critical
• CVE-2016-0190
  high
• CVE-2016-0184
  critical
• CVE-2016-0169
  high
• CVE-2016-0182
  critical
• CVE-2016-0178
  critical
• CVE-2016-0179
  critical

Список KB

• 3156421
• 3156059
• 3156016
• 3153704
• 3155784
• 3156387
• 3156013
• 3141083
• 3156019
• 3155178
• 3153171
• 3156017
• 3153199
• 3158991
• 3150220

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com