Windows : Microsoft Bulletins : Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (3192892)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.809343

Kategorie: Windows : Microsoft Bulletins

Titel: Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (3192892)

Zusammenfassung: This host is missing an important security; update according to Microsoft Bulletin MS16-123.

Beschreibung: Summary:
This host is missing an important security
update according to Microsoft Bulletin MS16-123.

Vulnerability Insight:
Multiple flaws exist due to:

- The kernel-mode driver fails to properly handle objects in memory.

- The Windows Transaction Manager improperly handles objects in memory.

Vulnerability Impact:
Successful exploitation will allow an attacker
could run arbitrary code in kernel mode. An attacker could then install programs
view, change, or delete data, or create new accounts with full user rights, and
take control over the affected system.

Affected Software/OS:
- Microsoft Windows Vista x32/x64 Service Pack 2

- Microsoft Windows Server 2008 x32/x64 Service Pack 2

- Microsoft Windows 7 x32/x64 Service Pack 1

- Microsoft Windows Server 2008 R2 x64 Service Pack 1

- Microsoft Windows 8.1 x32/x64

- Microsoft Windows Server 2012/2012R2

- Microsoft Windows 10 x32/x64

- Microsoft Windows 10 Version 1511 x32/x64

- Microsoft Windows 10 Version 1607 x32/x64

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2016-3266
BugTraq ID: 93384
http://www.securityfocus.com/bid/93384
Microsoft Security Bulletin: MS16-123
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-123
http://www.securitytracker.com/id/1036996
Common Vulnerability Exposure (CVE) ID: CVE-2016-3376
BugTraq ID: 93388
http://www.securityfocus.com/bid/93388
Common Vulnerability Exposure (CVE) ID: CVE-2016-7185
BugTraq ID: 93389
http://www.securityfocus.com/bid/93389
https://www.exploit-db.com/exploits/40572/
Common Vulnerability Exposure (CVE) ID: CVE-2016-7211
BugTraq ID: 93556
http://www.securityfocus.com/bid/93556
Common Vulnerability Exposure (CVE) ID: CVE-2016-3341
BugTraq ID: 93391
http://www.securityfocus.com/bid/93391

Copyright Copyright (C) 2016 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.809343
Kategorie:	Windows : Microsoft Bulletins
Titel:	Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (3192892)
Zusammenfassung:	This host is missing an important security; update according to Microsoft Bulletin MS16-123.
Beschreibung:	Summary: This host is missing an important security update according to Microsoft Bulletin MS16-123. Vulnerability Insight: Multiple flaws exist due to: - The kernel-mode driver fails to properly handle objects in memory. - The Windows Transaction Manager improperly handles objects in memory. Vulnerability Impact: Successful exploitation will allow an attacker could run arbitrary code in kernel mode. An attacker could then install programs view, change, or delete data, or create new accounts with full user rights, and take control over the affected system. Affected Software/OS: - Microsoft Windows Vista x32/x64 Service Pack 2 - Microsoft Windows Server 2008 x32/x64 Service Pack 2 - Microsoft Windows 7 x32/x64 Service Pack 1 - Microsoft Windows Server 2008 R2 x64 Service Pack 1 - Microsoft Windows 8.1 x32/x64 - Microsoft Windows Server 2012/2012R2 - Microsoft Windows 10 x32/x64 - Microsoft Windows 10 Version 1511 x32/x64 - Microsoft Windows 10 Version 1607 x32/x64 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-3266 BugTraq ID: 93384 http://www.securityfocus.com/bid/93384 Microsoft Security Bulletin: MS16-123 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-123 http://www.securitytracker.com/id/1036996 Common Vulnerability Exposure (CVE) ID: CVE-2016-3376 BugTraq ID: 93388 http://www.securityfocus.com/bid/93388 Common Vulnerability Exposure (CVE) ID: CVE-2016-7185 BugTraq ID: 93389 http://www.securityfocus.com/bid/93389 https://www.exploit-db.com/exploits/40572/ Common Vulnerability Exposure (CVE) ID: CVE-2016-7211 BugTraq ID: 93556 http://www.securityfocus.com/bid/93556 Common Vulnerability Exposure (CVE) ID: CVE-2016-3341 BugTraq ID: 93391 http://www.securityfocus.com/bid/93391
Copyright	Copyright (C) 2016 Greenbone AG