Kaspersky Threats

Описание

Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information or gain privileges.

Below is a complete list of vulnerabilities:

An improper handling of objects in memory while running a Windows Crypto driver in kernel mode can be exploited locally via a specially designed application to obtain sensitive information;
Improper sanitizing of input (which leads to an insecure library loading behavior) in the Windows Installer can be exploited locally via a specially designed application to gain privileges;
An improper handling of objects in memory in the Windows Common Log File System (CLFS) can be exploited locally via a specially designed application to obtain sensitive information from process memory.

Первичный источник обнаружения

MS16-149
MS16-153
CVE-2016-7271
CVE-2016-7273
CVE-2016-7272
CVE-2016-7257
CVE-2016-7281
CVE-2016-7279
CVE-2016-7278
CVE-2016-7283
CVE-2016-7282
CVE-2016-7292
CVE-2016-7274
CVE-2016-7295
CVE-2016-7219
CVE-2016-7258
CVE-2016-7259
CVE-2016-7260

Эксплуатация

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

Список CVE

CVE-2016-7271
warning
CVE-2016-7273
critical
CVE-2016-7272
critical
CVE-2016-7257
warning
CVE-2016-7281
warning
CVE-2016-7279
critical
CVE-2016-7278
warning
CVE-2016-7283
critical
CVE-2016-7282
warning
CVE-2016-7292
high
CVE-2016-7274
critical
CVE-2016-7295
warning
CVE-2016-7219
warning
CVE-2016-7258
warning
CVE-2016-7259
high
CVE-2016-7260
high

Список KB

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com

Нашли неточность в описании этой уязвимости? Дайте нам знать!