Microsoft Windows Graphics Component Multiple Vulnerabilities
Last Update Date:
13 Apr 2016 11:59
Release Date:
13 Apr 2016
3677
Views
RISK: Medium Risk
TYPE: Operating Systems - Windows OS
- Multiple Win32k Elevation of Privilege Vulnerabilities
Elevation of privilege vulnerabilities exist when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited the vulnerabilities could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. - Graphics Memory Corruption Vulnerability
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.
Impact
- Elevation of Privilege
- Remote Code Execution
System / Technologies affected
- Microsoft Windows Server 2008
- Microsoft Windows 7
- Microsoft Windows Server 2008 R2
- Microsoft Windows 8.1
- Microsoft Windows Server 2012 and Windows Server 2012 R2
- Microsoft Windows RT 8.1
- Microsoft Windows 10
- Microsoft Windows Vista
- Microsoft Office 2007
- Microsoft Office 2010
- Microsoft Skype for Business 2016
- Microsoft Lync 2010
- Microsoft Lync 2013
- Microsoft Live Meeting 2007 Console
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Download location for patches:
https://technet.microsoft.com/en-us/library/security/MS16-039
Vulnerability Identifier
Source
Related Link
Share with