| VID |
26789 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The Hotfix (MS16-104, 3183038) for 'Cumulative Security Update for Internet Explorer' has not been applied.
This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Multiple Microsoft Internet Explorer Memory Corruption Vulnerabilities
Multiple remote code execution vulnerabilities exist in the way that Internet Explorer accesses objects in memory. The vulnerabilities could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. If the current user is logged on with administrative user rights, the attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Scripting Engine Memory Corruption Vulnerability CVE-2016-3375
A remote code execution vulnerability exists in the way that the Microsoft OLE Automation mechanism and the VBScript Scripting Engine in Internet Explorer access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, the attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Internet Explorer Elevation of Privilege Vulnerability CVE-2016-3292
An elevation of privilege vulnerability exists when Internet Explorer fails a check, allowing sandbox escape. An attacker who successfully exploited the vulnerability could use the sandbox escape to elevate privileges on an affected system. This vulnerability by itself does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with one or more vulnerabilities (such as a remote code execution vulnerability or another elevation of privilege vulnerability) that is capable of leveraging the elevated privileges when code execution is attempted.
Microsoft Browser Information Disclosure Vulnerability CVE-2016-3325
An information disclosure vulnerability exists in the way that the affected components handle objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a target system.
Microsoft Browser Information Disclosure Vulnerability CVE-2016-3351
An information disclosure vulnerability exists in the way that certain functions handle objects in memory. The vulnerability could allow an attacker to detect specific files on the user's computer.
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of this condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
https://technet.microsoft.com/en-us/library/security/ms16-104
* Platforms Affected:
Internet Explorer 9
Internet Explorer 10
Internet Explorer 11 |
| Recommendation |
Apply the appropriate patch(3183038) for your system, as listed in Microsoft Security Bulletin MS16-104 at https://technet.microsoft.com/en-us/library/security/ms16-104
-- OR --
Patches for Windows platforms are also available from the Microsoft Windows Update Web site, http://windowsupdate.microsoft.com. Windows Update detects what version of Windows you are running and offers the appropriate patch. |
| Related URL |
CVE-2016-3247,CVE-2016-3291,CVE-2016-3292,CVE-2016-3295,CVE-2016-3297,CVE-2016-3324,CVE-2016-3325,CVE-2016-3351,CVE-2016-3353,CVE-2016-3375 (CVE) |
| Related URL |
92788,92808,92809,92827,92828,92829,92830,92832,92834,92835 (SecurityFocus) |
| Related URL |
(ISS) |
|
