Kaspersky Threats

Описание

Multiple vulnerabilities were found in Microsoft Products (Extended Support Update). Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, execute arbitrary code, cause denial of service.

Below is a complete list of vulnerabilities:

An elevation of privilege vulnerability in Windows can be exploited remotely via specially crafted application to gain privileges.
An information disclosure vulnerability in Windows Kernel can be exploited remotely via specially crafted application to obtain sensitive information.
An elevation of privilege vulnerability in Win32k can be exploited remotely via specially crafted application to gain privileges.
A remote code execution vulnerability in Windows can be exploited remotely to execute arbitrary code.
An information disclosure vulnerability in Open Type Font can be exploited remotely via specially crafted to obtain sensitive information.
An information disclosure vulnerability in Windows Bowser.sys can be exploited remotely via specially crafted application to obtain sensitive information.
An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely via specially crafted application to gain privileges.
A memory corruption vulnerability in Microsoft Browser can be exploited remotely via specially crafted website to execute arbitrary code.
A remote code execution vulnerability in Microsoft Video Control can be exploited remotely via specially crafted file to execute arbitrary code.
An information disclosure vulnerability in Microsoft Browser can be exploited remotely to obtain sensitive information.
A memory corruption vulnerability in Windows Animation Manager can be exploited remotely to execute arbitrary code.
An elevation of privilege vulnerability in Windows IME can be exploited remotely via specially crafted application to gain privileges.
An information disclosure vulnerability in Microsoft Browser can be exploited remotely via specially crafted content to obtain sensitive information.
A memory corruption vulnerability in Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
An elevation of privilege vulnerability in Windows NTLM can be exploited remotely via specially crafted application to gain privileges.
An information disclosure vulnerability in Microsoft Browser can be exploited remotely via specially crafted application to obtain sensitive information.
A denial of service vulnerability in Local Security Authority Subsystem Service can be exploited remotely via specially crafted request to cause denial of service.
A remote code execution vulnerability in Microsoft Graphics can be exploited remotely via specially crafted embedded to execute arbitrary code.

Первичный источник обнаружения

Эксплуатация

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

Список CVE

CVE-2016-7239
warning
CVE-2016-7227
warning
CVE-2016-7195
critical
CVE-2016-7198
critical
CVE-2016-7199
warning
CVE-2016-7202
critical
CVE-2016-7256
critical
CVE-2016-7255
critical
CVE-2016-7248
critical
CVE-2016-7246
critical
CVE-2016-7238
critical
CVE-2016-7237
high
CVE-2016-0026
critical
CVE-2016-3332
critical
CVE-2016-3333
critical
CVE-2016-3334
critical
CVE-2016-3335
critical
CVE-2016-3338
critical
CVE-2016-3340
critical
CVE-2016-3342
critical
CVE-2016-3343
critical
CVE-2016-7184
critical
CVE-2016-7205
critical
CVE-2016-7210
high
CVE-2016-7212
critical
CVE-2016-7214
warning
CVE-2016-7215
critical
CVE-2016-7216
high
CVE-2016-7218
warning
CVE-2016-7221
critical

Список KB

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com

Нашли неточность в описании этой уязвимости? Дайте нам знать!