KLA11832 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products (Extended Support Update). Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, execute arbitrary code, cause denial of service.

Below is a complete list of vulnerabilities:

1. An elevation of privilege vulnerability in Windows can be exploited remotely via specially crafted application to gain privileges.
2. An information disclosure vulnerability in Windows Kernel can be exploited remotely via specially crafted application to obtain sensitive information.
3. An elevation of privilege vulnerability in Win32k can be exploited remotely via specially crafted application to gain privileges.
4. A remote code execution vulnerability in Windows can be exploited remotely to execute arbitrary code.
5. An information disclosure vulnerability in Open Type Font can be exploited remotely via specially crafted to obtain sensitive information.
6. An information disclosure vulnerability in Windows Bowser.sys can be exploited remotely via specially crafted application to obtain sensitive information.
7. An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely via specially crafted application to gain privileges.
8. A memory corruption vulnerability in Microsoft Browser can be exploited remotely via specially crafted website to execute arbitrary code.
9. A remote code execution vulnerability in Microsoft Video Control can be exploited remotely via specially crafted file to execute arbitrary code.
10. An information disclosure vulnerability in Microsoft Browser can be exploited remotely to obtain sensitive information.
11. A memory corruption vulnerability in Windows Animation Manager can be exploited remotely to execute arbitrary code.
12. An elevation of privilege vulnerability in Windows IME can be exploited remotely via specially crafted application to gain privileges.
13. An information disclosure vulnerability in Microsoft Browser can be exploited remotely via specially crafted content to obtain sensitive information.
14. A memory corruption vulnerability in Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
15. An elevation of privilege vulnerability in Windows NTLM can be exploited remotely via specially crafted application to gain privileges.
16. An information disclosure vulnerability in Microsoft Browser can be exploited remotely via specially crafted application to obtain sensitive information.
17. A denial of service vulnerability in Local Security Authority Subsystem Service can be exploited remotely via specially crafted request to cause denial of service.
18. A remote code execution vulnerability in Microsoft Graphics can be exploited remotely via specially crafted embedded to execute arbitrary code.

Original advisories

CVE-2016-7216

CVE-2016-7214

CVE-2016-7215

CVE-2016-7212

CVE-2016-7210

CVE-2016-7218

CVE-2016-3340

CVE-2016-3342

CVE-2016-3343

CVE-2016-7195

CVE-2016-7248

CVE-2016-7199

CVE-2016-7198

CVE-2016-7246

CVE-2016-7205

CVE-2016-7221

CVE-2016-7227

CVE-2016-7202

CVE-2016-3333

CVE-2016-3332

CVE-2016-3335

CVE-2016-3334

CVE-2016-3338

CVE-2016-0026

CVE-2016-7184

CVE-2016-7238

CVE-2016-7239

CVE-2016-7237

CVE-2016-7256

CVE-2016-7255

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

Microsoft-Internet-Explorer

Microsoft-Windows

Microsoft-Windows-Server

Microsoft-Windows-Vista-4

Microsoft-Windows-Server-2012

Microsoft-Windows-8

Microsoft-Windows-7

Microsoft-Windows-Server-2008

Windows-RT

Microsoft-Windows-10

Microsoft-Edge

CVE list

CVE-2016-7239 warning

CVE-2016-7227 warning

CVE-2016-7195 critical

CVE-2016-7198 critical

CVE-2016-7199 warning

CVE-2016-7202 critical

CVE-2016-7256 critical

CVE-2016-7255 critical

CVE-2016-7248 critical

CVE-2016-7246 critical

CVE-2016-7238 critical

CVE-2016-7237 high

CVE-2016-0026 critical

CVE-2016-3332 critical

CVE-2016-3333 critical

CVE-2016-3334 critical

CVE-2016-3335 critical

CVE-2016-3338 critical

CVE-2016-3340 critical

CVE-2016-3342 critical

CVE-2016-3343 critical

CVE-2016-7184 critical

CVE-2016-7205 critical

CVE-2016-7210 high

CVE-2016-7212 critical

CVE-2016-7214 warning

CVE-2016-7215 critical

CVE-2016-7216 high

CVE-2016-7218 warning

CVE-2016-7221 critical

KB list

3181707

3193418

3194371

3196718

3197867

3197868

3198234

3198483

3198510

3203859

3197655

3203621

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

• ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

• OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

• DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

• SB

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

• PE

Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.

Affected Products

• Windows 7 for 32-bit Systems Service Pack 1Windows 10 Version 1511 for 32-bit SystemsWindows Vista Service Pack 2Windows 7 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows 10 Version 1511 for x64-based SystemsWindows 8.1 for 32-bit systemsWindows Server 2012Windows RT 8.1Windows 10 Version 1607 for x64-based SystemsWindows 10 for 32-bit SystemsInternet Explorer 9Windows Server 2012 (Server Core installation)Windows Server 2016Microsoft Windows Hyperlink Object LibraryWindows 10 Version 1607 for 32-bit SystemsWindows Server 2012 R2Windows Server 2016 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows 10 for x64-based SystemsWindows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Internet Explorer 10Internet Explorer 11Windows Vista x64 Edition Service Pack 2Windows Server 2008 for Itanium-Based Systems Service Pack 2Windows 8.1 for x64-based systemsMicrosoft Edge (EdgeHTML-based)