CVE-2016-3313 Microsoft Office Remote Code Execution Vulnerabilities (MS16-099) | Vulnerability Bank (0day Bank)

Vulnerability Information

– Multiple remote code execution vulnerabilities exist in Microsoft Office software when the Office software fails to properly handle objects in memory.

– An information disclosure vulnerability exists when Microsoft OneNote improperly discloses its memory contents.

Microsoft has released a security update that addresses the vulnerabilities by correcting how:
– Office handles objects in memory
– Certain functions handle objects in memory
– Windows validates input before loading libraries

Impact

The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user.

Solution

Refer to MS16-099 for more information.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

MS16-099: Microsoft Office 2007 Service Pack 3

MS16-099: Microsoft OneNote 2007 Service Pack 3

MS16-099: Microsoft Word 2007 Service Pack 3

MS16-099: Microsoft Office 2010 Service Pack 2 (32-bit editions)

MS16-099: Microsoft Office 2010 Service Pack 2 (64-bit editions)

MS16-099: Microsoft OneNote 2010 Service Pack 2 (32-bit editions)

MS16-099: Microsoft OneNote 2010 Service Pack 2 (64-bit editions)

MS16-099: Microsoft Word 2010 Service Pack 2 (32-bit editions)

MS16-099: Microsoft Word 2010 Service Pack 2 (64-bit editions)

MS16-099: Microsoft Office 2013 Service Pack 1 (32-bit editions)

MS16-099: Microsoft Office 2013 Service Pack 1 (64-bit editions)

MS16-099: Microsoft OneNote 2013 Service Pack 1 (32-bit editions)

MS16-099: Microsoft OneNote 2013 Service Pack 1 (64-bit editions)

MS16-099: Microsoft Word 2013 Service Pack 1 (32-bit editions)

MS16-099: Microsoft Word 2013 Service Pack 1 (64-bit editions)

MS16-099: Microsoft Office 2016 (32-bit edition)

MS16-099: Microsoft Office 2016 (64-bit edition)

MS16-099: Microsoft OneNote 2016 (32-bit edition)

MS16-099: Microsoft OneNote 2016 (64-bit edition)

MS16-099: Microsoft Word 2016 (32-bit edition)

MS16-099: Microsoft Word 2016 (64-bit edition)

MS16-099: Microsoft Word Viewer

MS16-099: Microsoft Outlook 2007 Service Pack 3

MS16-099: Microsoft Outlook 2010 Service Pack 2 (32-bit editions)

MS16-099: Microsoft Outlook 2010 Service Pack 2 (64-bit editions)

MS16-099: Microsoft Outlook 2013 Service Pack 1 (32-bit editions)

MS16-099: Microsoft Outlook 2013 Service Pack 1 (64-bit editions)

MS16-099: Microsoft Outlook 2016 (32-bit edition)

MS16-099: Microsoft Outlook 2016 (64-bit edition)

www.0daybank.org

CVE-2016-3319 Microsoft Windows PDF Library Remote Code Execution Vulnerability (MS16-102)

Vulnerability Information

A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles objects in memory.

This security update is rated Critical for all supported editions of Windows 8.1, Windows Server 2012, Windows RT 8.1, Windows Server 2012 R2, and Windows 10.

Impact

Successful exploitation allows an attacker to execute arbitrary code.

CVE-2016-3237 Microsoft Windows Authentication Methods Elevation of Privileges (MS16-101)

Vulnerability Information

Microsoft Windows Authentication is vulnerable to multiple Elevation of Privilege issues.
The security update resolves the following vulnerabilities:

An elevation of privilege vulnerability exists when Windows Netlogon improperly establishes a secure communications channel to a domain controller. (CVE-2016-3300)

An elevation of privilege vulnerability exists in Windows when Kerberos improperly handles a password change request and falls back to NT LAN Manager (NTLM) Authentication Protocol as the default authentication protocol. (CVE-2016-3237)

This security update is rated Important for all supported releases of Microsoft Windows.

Impact

Successfully exploiting this vulnerability might allow a local attacker to execute arbitrary code or bypass Kerberos authentication.

CVE-2016-3320 Microsoft Secure Boot Security Feature Bypass Vulnerability (MS16-100)

Vulnerability Information

A security feature bypass vulnerability exists when Windows Secure Boot improperly loads a boot manager that is affected by the vulnerability. An attacker who successfully exploited this vulnerability could disable code integrity checks, allowing test-signed executables and drivers to be loaded onto a target device. Furthermore, the attacker could bypass Secure Boot Integrity Validation for BitLocker and Device Encryption security features. The security update addresses the vulnerability by blacklisting affected boot managers.

This security update is rated Important for all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, and Windows 10.

Impact

An attacker who has gained administrative privileges or who has physical access to a target device could install an affected boot manager.

CVE-2016-3312 Microsoft Windows ActiveSyncProvider Information Disclosure Vulnerability (MS16-103)

Vulnerability Information

This security update resolves a vulnerability in Microsoft Windows.
The update addresses the vulnerability by preventing Universal Outlook from disclosing usernames and passwords.
This security update is rated Important for Windows 10 and Windows 10 Version 1511.

Impact

The vulnerability could allow information disclosure when Universal Outlook fails to establish a secure connection.

CVE-2016-3288 Microsoft Cumulative Security Update for Internet Explorer (MS16-095)

Vulnerability Information

This security update is rated Critical for Internet Explorer 9 (IE 9), and Internet Explorer 11 (IE 11) on affected Windows clients, and Moderate for Internet Explorer 9 (IE 9), Internet Explorer 10 (IE 10), and Internet Explorer 11 (IE 11) on affected Windows servers.

The update addresses the vulnerabilities by modifying how Internet Explorer and certain functions handle objects in memory.

Impact

The most severe vulnerabilities could allow remote code execution if a user views a specially crafted web page using Internet Explorer. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

CVE-2016-3301 Microsoft Graphics Component Remote Code Execution Vulnerabilities (MS16-097)

Vulnerability Information

The security update addresses the vulnerabilities by correcting how the Windows font library handles embedded fonts.

This security update is rated Critical for:
– All supported releases of Microsoft Windows.
– Affected editions of Microsoft Office 2007 and Microsoft Office 2010.
– Affected editions of Skype for Business 2016, Microsoft Lync 2013, and Microsoft Lync 2010.

Impact

The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted document or visits an untrusted webpage that contains embedded OpenType fonts.

Solution

Refer to MS16-097 for more information.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

MS16-097: Windows Vista Service Pack 2

MS16-097: Windows Vista x64 Edition Service Pack 2

MS16-097: Windows Server 2008 for 32-bit Systems Service Pack 2

MS16-097: Windows Server 2008 for x64-based Systems Service Pack 2

MS16-097: Windows Server 2008 for Itanium-based Systems Service Pack 2

MS16-097: Windows 7 for 32-bit Systems Service Pack 1

MS16-097: Windows 7 for x64-based Systems Service Pack 1

MS16-097: Windows Server 2008 R2 for x64-based Systems Service Pack 1

MS16-097: Windows Server 2008 R2 for Itanium-based Systems Service Pack 1

MS16-097: Windows 8.1 for 32-bit Systems

MS16-097: Windows 8.1 for x64-based Systems

MS16-097: Windows Server 2012

MS16-097: Windows Server 2012 R2

MS16-097: Windows 10 for 32-bit Systems

MS16-097: Windows 10 for x64-based Systems

MS16-097: Windows 10 Version 1511 for 32-bit Systems

MS16-097: Windows 10 Version 1511 for x64-based Systems

MS16-097: Windows 10 Version 1607 for 32-bit Systems

MS16-097: Windows 10 Version 1607 for x64-based Systems

MS16-097: Microsoft Office 2007 Service Pack 3

MS16-097: Microsoft Office 2010 Service Pack 2 (32-bit editions)

MS16-097: Microsoft Office 2010 Service Pack 2 (64-bit editions)

MS16-097: Microsoft Word Viewer

MS16-097: Skype for Business 2016

MS16-097: Skype for Business Basic 2016

MS16-097: Microsoft Lync 2013 Service Pack 1

MS16-097: Microsoft Lync Basic 2013 Service Pack 1

MS16-097: Microsoft Lync 2010

MS16-097: Microsoft Lync 2010 Attendee

MS16-097: Microsoft Live Meeting 2007 Console

Original source: http://www.aqdog.com

CVE-2016-3308 Microsoft Windows Security Update for Windows Kernel-Mode Drivers (MS16-098)

Vulnerability Information

Multiple elevation of privilege vulnerabilities exist when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited these vulnerabilities could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit these vulnerabilities, an attacker would first have to log on to the system.
The update addresses the vulnerabilities by correcting how the Windows kernel-mode driver handles objects in memory.

This security update is rated Important for all supported releases of Windows.

Impact

Successful exploitation could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application that could exploit the vulnerabilities and take control of an affected system.

Microsoft Edge Cumulative Security Update (MS16-096)

Vulnerability Information

This security update resolves vulnerabilities in Microsoft Edge. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge.

This security update is rated Critical for Microsoft Edge on Windows 10.

Impact

An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users with administrative user rights.

Original source: http://www.aqdog.com

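Vulnerability Bank | 0day Bank | A website dedicated to collecting and organizing publicly disclosed vulnerabilities

0DAYbank is a new website that reports publicly disclosed internet vulnerabilities. The site mainly gathers publicly known vulnerabilities from around the world via the internet and analyzes them statistically, providing a strong reference for deploying secure networks. None of the site's staff take part in hacking activity, and all data comes from the internet. It currently covers more than 500 enterprises and regions worldwide, providing a strong reference for security researchers. www.0daybank.org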