Kaspersky LabKLA10789KLA10789 Multiple vulnerabilities in Microsoft Browsers
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.6 High
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
0.927 High
EPSS
Percentile
99.0%
Detect date:
04/12/2016
Severity:
Critical
Description:
Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information.
Affected products:
Internet Explorer 11
Internet Explorer 10
Internet Explorer 9
Microsoft Edge (EdgeHTML-based)
Solution:
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Original advisories:
CVE-2016-0154
CVE-2016-0155
CVE-2016-0156
CVE-2016-0157
CVE-2016-0158
CVE-2016-0160
CVE-2016-0161
CVE-2016-0162
CVE-2016-0164
CVE-2016-0166
Impacts:
ACE
Related products:
CVE-IDS:
CVE-2016-01547.6Critical
CVE-2016-01557.6Critical
CVE-2016-01567.6Critical
CVE-2016-01577.6Critical
CVE-2016-01584.3Warning
CVE-2016-01607.2High
CVE-2016-01614.3Warning
CVE-2016-01624.3Warning
CVE-2016-01647.6Critical
CVE-2016-01667.6Critical
Microsoft official advisories:
KB list:
3147461
3147458
3148198
4015549
4015550
4015221
4014661
4015551
4015219
References
support.microsoft.com/kb/3147458
support.microsoft.com/kb/3147461
support.microsoft.com/kb/3148198
support.microsoft.com/kb/4014661
support.microsoft.com/kb/4015219
support.microsoft.com/kb/4015221
support.microsoft.com/kb/4015549
support.microsoft.com/kb/4015550
support.microsoft.com/kb/4015551
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0154
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0155
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0156
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0157
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0158
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0160
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0161
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0162
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0164
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0166
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-0154
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-0155
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-0156
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-0157
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-0158
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-0160
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-0161
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-0162
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-0164
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-0166
portal.msrc.microsoft.com/en-us/security-guidance
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Microsoft-Edge/
threats.kaspersky.com/en/product/Microsoft-Internet-Explorer/
Related
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.6 High
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
0.927 High
EPSS
Percentile
99.0%