VID 26797
Severity 40
Port 139,445
Protocol TCP
Class SMB
Detailed Description The Hotfix (MS16-120, 3192884) for 'Security Update for Microsoft Graphics Component' has not been applied.
This security update resolves vulnerabilities in Microsoft Windows, Microsoft Office, Skype for Business, Silverlight and Microsoft Lync. The most serious of these vulnerabilities could allow remote code execution if a user either visits a specially crafted website or opens a specially crafted document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Windows Graphics Component RCE Vulnerability - CVE-2016-3393
A remote code execution vulnerability exists due to the way the Windows GDI component handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

GDI+ Remote Code Execution Vulnerability - CVE-2016-3396
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploits this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Multiple GDI+ Information Disclosure Vulnerabilities
Multiple information disclosure vulnerabilities exist in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system. An attacker who successfully exploited these vulnerabilities could use the retrieved information to circumvent Address Space Layout Randomization (ASLR) in Windows, which helps guard against a broad class of vulnerabilities. By itself, the information disclosures do not allow arbitrary code execution; however, they could allow arbitrary code to be run if the attacker uses one in combination with another vulnerability, such as a remote code execution vulnerability, that can leverage the ASLR circumvention.

True Type Font Parsing Elevation of Privilege Vulnerability - CVE-2016-7182
An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploits this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Win32k Elevation of Privilege Vulnerability - CVE-2016-3270
An elevation of privilege vulnerability exists in Windows when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

* Note: This check requires an account with administrative privileges that can log in to the host being scanned. Without such an account the check is not performed, which results in a false negative for every vulnerable host.

* References:
https://technet.microsoft.com/en-us/library/security/ms16-120

* Platforms Affected:
Windows Vista SP2
Windows Vista x64 SP2
Windows Server 2008 SP2
Windows Server 2008 x64 SP2
Windows 7 SP1
Windows 7 x64 SP1
Windows Server 2008 R2 SP1
Windows Server 2008 R2 x64 SP1
Windows 8.1
Windows Server 2012
Windows Server 2012 R2
Windows 10
Recommendation Apply the appropriate patch (3192884) for your system, as listed in Microsoft Security Bulletin MS16-120 at https://technet.microsoft.com/en-us/library/security/ms16-120
-- OR --
Patches for Windows platforms are also available from the Microsoft Windows Update Web site, http://windowsupdate.microsoft.com. Windows Update detects what version of Windows you are running and offers the appropriate patch.
Related URL CVE-2016-3209, CVE-2016-3262, CVE-2016-3263, CVE-2016-3270, CVE-2016-3393, CVE-2016-3396, CVE-2016-7182 (CVE)
Related URL 93377, 93380, 93385, 93390, 93394, 93395, 93403 (SecurityFocus)