Kaspersky Threats

KLA10922
Multiple vulnerabilities in Microsoft Windows

Обновлено: 10/09/2020

Дата обнаружения	13/12/2016
Уровень угрозы	Critical
Описание	Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: A remote code execution vulnerability in Windows Graphics Component can be exploited remotely via specially crafted website to execute arbitrary code. An information disclosure vulnerability in Windows GDI can be exploited remotely via specially crafted document to obtain sensitive information.
Пораженные продукты	Microsoft Windows Server 2016 Microsoft Windows 7 Microsoft Windows 8.1 Microsoft Windows RT 8.1 Microsoft Windows 10 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2
Решение	Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Первичный источник обнаружения	CVE-2016-7273 CVE-2016-7272 CVE-2016-7257
Оказываемое влияние ?	ACE [?] OSI [?]
Связанные продукты	Microsoft Office Microsoft Windows Microsoft Windows Server Microsoft Windows Vista Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows 7 Microsoft Windows Server 2008 Windows RT Microsoft Windows 10
CVE-IDS	CVE-2016-72739.3Critical CVE-2016-72729.3Critical CVE-2016-72574.3Warning
Microsoft official advisories	Microsoft Security Update Guide
KB list	3205386 3205383 3205401 3205400 3205408 3205409 3206632 3204724 3205638
Эксплуатация	Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.