Test ID:	1.3.6.1.4.1.25623.1.0.807837
Category:	Windows : Microsoft Bulletins
Title:	Microsoft Internet Explorer Multiple Vulnerabilities (3163649)
Summary:	This host is missing a critical security; update according to Microsoft Bulletin MS16-063.
Description:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS16-063. Vulnerability Insight: Multiple flaws exist due to: - An error when Internet Explorer improperly accesses objects in memory. - An error in the way that the JScript 9, JScript, and VBScript engines render when handling objects in memory. - Internet Explorer XSS Filter does not properly validate JavaScript under specific conditions. - An error when the Web Proxy Auto Discovery (WPAD) protocol falls back to a vulnerable proxy discovery process. Vulnerability Impact: Successful exploitation will allow remote attackers to bypass security, gain elevated privileges and execute arbitrary code on the affected system. Affected Software/OS: Microsoft Internet Explorer version 9.x/10.x/11.x. Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-0199 Bugtraq: 20160617 CVE-2016-0199 / MS16-063: MSIE 11 garbage collector attribute type confusion (Google Search) http://www.securityfocus.com/archive/1/538706/100/0/threaded https://www.exploit-db.com/exploits/39994/ http://seclists.org/fulldisclosure/2016/Jun/44 https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1226 http://packetstormsecurity.com/files/137533/Microsoft-Internet-Explorer-11-Garbage-Collector-Attribute-Type-Confusion.html Microsoft Security Bulletin: MS16-063 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-063 http://www.securitytracker.com/id/1036096 Common Vulnerability Exposure (CVE) ID: CVE-2016-0200 http://www.zerodayinitiative.com/advisories/ZDI-16-365 Common Vulnerability Exposure (CVE) ID: CVE-2016-3202 Microsoft Security Bulletin: MS16-068 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-068 http://www.securitytracker.com/id/1036099 Common Vulnerability Exposure (CVE) ID: CVE-2016-3205 Microsoft Security Bulletin: MS16-069 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-069 http://www.securitytracker.com/id/1036097 Common Vulnerability Exposure (CVE) ID: CVE-2016-3206 Common Vulnerability Exposure (CVE) ID: CVE-2016-3207 Common Vulnerability Exposure (CVE) ID: CVE-2016-3210 BugTraq ID: 91106 http://www.securityfocus.com/bid/91106 Common Vulnerability Exposure (CVE) ID: CVE-2016-3211 http://www.zerodayinitiative.com/advisories/ZDI-16-366 Common Vulnerability Exposure (CVE) ID: CVE-2016-3212 BugTraq ID: 91105 http://www.securityfocus.com/bid/91105 Common Vulnerability Exposure (CVE) ID: CVE-2016-3213 Microsoft Security Bulletin: MS16-077 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-077 http://www.securitytracker.com/id/1036104
Copyright	Copyright (C) 2016 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.