Windows : Microsoft Bulletins : Microsoft Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (3124584)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.807028

Kategorie: Windows : Microsoft Bulletins

Titel: Microsoft Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (3124584)

Zusammenfassung: This host is missing a critical security; update according to Microsoft Bulletin MS16-005.

Beschreibung: Summary:
This host is missing a critical security
update according to Microsoft Bulletin MS16-005.

Vulnerability Insight:
Multiple flaws are due to:

- A security feature bypass vulnerability exists in the way Windows graphics
device interface handles objects in memory.

- An error in the way Windows handles objects in memory.

Vulnerability Impact:
Successful exploitation will allow an attacker
to bypass Address Space Layout Randomization (ASLR) protection mechanisms and
gain access to sensitive informationand to execute arbitrary code in the
context of the currently logged-in user.

Affected Software/OS:
- Microsoft Windows 8 x32/x64

- Microsoft Windows 10 x32/x64

- Microsoft Windows 8.1 x32/x64

- Microsoft Windows Server 2012/2012R2

- Microsoft Windows 10 Version 1511 x32/x64

- Microsoft Windows Vista x32/x64 Service Pack 2

- Microsoft Windows Server 2008 x32/x64 Service Pack 2

- Microsoft Windows 7 x32/x64 Service Pack 1

- Microsoft Windows Server 2008 R2 x64 Service Pack 1

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2016-0009
Microsoft Security Bulletin: MS16-005
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-005
http://www.securitytracker.com/id/1034654
Common Vulnerability Exposure (CVE) ID: CVE-2016-0008
https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1216

Copyright Copyright (C) 2016 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.807028
Kategorie:	Windows : Microsoft Bulletins
Titel:	Microsoft Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (3124584)
Zusammenfassung:	This host is missing a critical security; update according to Microsoft Bulletin MS16-005.
Beschreibung:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS16-005. Vulnerability Insight: Multiple flaws are due to: - A security feature bypass vulnerability exists in the way Windows graphics device interface handles objects in memory. - An error in the way Windows handles objects in memory. Vulnerability Impact: Successful exploitation will allow an attacker to bypass Address Space Layout Randomization (ASLR) protection mechanisms and gain access to sensitive informationand to execute arbitrary code in the context of the currently logged-in user. Affected Software/OS: - Microsoft Windows 8 x32/x64 - Microsoft Windows 10 x32/x64 - Microsoft Windows 8.1 x32/x64 - Microsoft Windows Server 2012/2012R2 - Microsoft Windows 10 Version 1511 x32/x64 - Microsoft Windows Vista x32/x64 Service Pack 2 - Microsoft Windows Server 2008 x32/x64 Service Pack 2 - Microsoft Windows 7 x32/x64 Service Pack 1 - Microsoft Windows Server 2008 R2 x64 Service Pack 1 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-0009 Microsoft Security Bulletin: MS16-005 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-005 http://www.securitytracker.com/id/1034654 Common Vulnerability Exposure (CVE) ID: CVE-2016-0008 https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1216
Copyright	Copyright (C) 2016 Greenbone AG