Multiple vulnerabilities in Microsoft Windows

Описание

Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges or obtain sensitive information.

Below is a complete list of vulnerabilities

1. An improper memory objects handling at Microsoft Video Control can be exploited remotely via a specially designed file or application to execute arbitrary code;
2. An improper memory objects handling at kernel-mode driver ca be exploited by logged in attacker via a specially designed application to gain privileges;
3. An improper memory objects handling at Windows Transaction Manager can be exploited by logged in attacker via a specially designed application to gain privileges;
4. Lack of registry access restrictions at Windows Kernel API can be exploited by logged in attacker via a specially designed application to obtain sensitive information;
5. Lack of input sanitization at Windows Diagnostics Hub Standard Collector Service can be exploited by logged in attacker to gain privileges;
6. An improper memory objects handling at Internet Messaging API can be exploited remotely via a specially designed content to obtain sensitive information.

Первичный источник обнаружения

• CVE-2016-3270
  CVE-2016-3263
  CVE-2016-3209
  CVE-2016-3262
  CVE-2016-7182
  CVE-2016-3396
  CVE-2016-3393
  CVE-2016-3298
  CVE-2016-3376
  CVE-2016-3341
  CVE-2016-3266
  CVE-2016-0070
  CVE-2016-0073
  CVE-2016-0075
  CVE-2016-0079
  CVE-2016-0142
  CVE-2016-7211
  CVE-2016-7188
  CVE-2016-7185
  

Эксплуатация

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• Microsoft-Windows-Vista-2
• Microsoft-Windows-Server-2012
• Microsoft-Windows-8
• Microsoft-Windows-7
• Microsoft-Windows-Server-2008
• Windows-RT
• Microsoft-Windows-10

Список CVE

• CVE-2016-3270
  critical
• CVE-2016-3263
  warning
• CVE-2016-3209
  warning
• CVE-2016-3262
  warning
• CVE-2016-7182
  critical
• CVE-2016-3396
  critical
• CVE-2016-3393
  critical
• CVE-2016-3298
  warning
• CVE-2016-3376
  critical
• CVE-2016-3341
  critical
• CVE-2016-3266
  critical
• CVE-2016-0070
  warning
• CVE-2016-0073
  warning
• CVE-2016-0075
  warning
• CVE-2016-0079
  warning
• CVE-2016-0142
  critical
• CVE-2016-7211
  high
• CVE-2016-7188
  high
• CVE-2016-7185
  high

Список KB

• 4038788
• 3183431
• 3192441
• 3191203
• 3190847
• 3194798
• 3191256
• 3192440
• 3185331
• 3193515
• 3185332
• 3192393
• 3192392
• 3200970

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com