Security Update for Microsoft Windows (3199172)
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2016-7221 CVE-2016-7222 CVE-2016-7212 |
| CWE-ID | CWE-427 CWE-20 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Windows Operating systems & Components / Operating system Windows Server Operating systems & Components / Operating system |
| Vendor | Microsoft |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Privilege escalation
EUVDB-ID: #VU1161
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2016-7221
CWE-ID:
CWE-427 - Uncontrolled Search Path Element
Exploit availability: No
DescriptionA local attacker can obtain elevated privileges.
The vulnerability exists due to an error when loading DDL file in Windows Input Method Editor (IME). A local authenticated user can cause IME to load a specially crafted DLL file and execute arbitrary code on the system with elevated privileges.
Successful exploitation of this vulnerability will allow an attacker to gain elevated privileges on vulnerable system.
MitigationInstall updates from Microsoft website.
Vulnerable software versionsWindows: Vista - 10
Windows Server: 2008 - 2016 10.0.14393.10
CPE2.3- cpe:2.3:o:microsoft:windows:Vista:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:8.1:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:8.1_RT:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:*:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2008_R2:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2012_R2:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.10:*:*:*:*:*:*
https://technet.microsoft.com/library/security/MS16-130
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Privilege escalation
EUVDB-ID: #VU1162
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2016-7222
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionA local attacker can obtain elevated privileges.
The vulnerability exists due to an error when handling UNC paths in Windows Task Scheduler. A local authenticated user can create a task with specially crafted UNC path and execute it with elevated privileges.
Successful exploitation of this vulnerability will allow an attacker to gain elevated privileges on vulnerable system.
Mitigation
Install updates from Microsoft website.
Vulnerable software versionsWindows: 10
Windows Server: 2016 10.0.14393.10
CPE2.3 External linkshttps://technet.microsoft.com/library/security/MS16-130
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Remote code execution
EUVDB-ID: #VU1163
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2016-7212
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionA remote attacker can execute arbitrary code on the target system.
The vulnerability exists due to unknown error when handling images. A remote attacker can create a specially crafted image and execute arbitrary code on the target system with privileges of the current user, when malicious images is viewed.
Successful exploitation of the vulnerability may allow an attacker to execute arbitrary code on vulnerable system with privileges of the current user.
MitigationInstall updates from Microsoft website.
Vulnerable software versionsWindows: Vista - 10
Windows Server: 2008 - 2016 10.0.14393.10
CPE2.3- cpe:2.3:o:microsoft:windows:Vista:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:8.1:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:8.1_RT:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2008_R2:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2012_R2:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.10:*:*:*:*:*:*
https://technet.microsoft.com/library/security/MS16-130
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
