Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA10897
HistoryNov 08, 2016 - 12:00 a.m.

KLA10897 Multiple vulnerabilities in Microsoft Windows

2016-11-0800:00:00
Kaspersky Lab
threats.kaspersky.com
54

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

9.1 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.927 High

EPSS

Percentile

99.0%

JSON

Detect date:

11/08/2016

Severity:

Critical

Description:

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, bypass security restrictions, cause denial of service, obtain sensitive information.

Affected products:

Windows 7 for 32-bit Systems Service Pack 1
Windows 10 Version 1511 for 32-bit Systems
Windows Vista Service Pack 2
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012 R2 (Server Core installation)
Windows 10 Version 1511 for x64-based Systems
Windows 8.1 for 32-bit systems
Windows Server 2012
Windows RT 8.1
Windows 10 Version 1607 for x64-based Systems
Windows 10 for 32-bit Systems
Windows Server 2012 (Server Core installation)
Microsoft Windows Hyperlink Object Library
Windows Server 2016
Windows 10 Version 1607 for 32-bit Systems
Windows Server 2016 (Server Core installation)
Windows Server 2012 R2
Windows 10 for x64-based Systems
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for Itanium-Based Systems Service Pack 2
Windows 8.1 for x64-based systems

Solution:

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories:

CVE-2016-7202
CVE-2016-7256
CVE-2016-7255
CVE-2016-7248
CVE-2016-7247
CVE-2016-7246
CVE-2016-7238
CVE-2016-7237
CVE-2016-0026
CVE-2016-3332
CVE-2016-3333
CVE-2016-3334
CVE-2016-3335
CVE-2016-3338
CVE-2016-3340
CVE-2016-3342
CVE-2016-3343
CVE-2016-7184
CVE-2016-7205
CVE-2016-7210
CVE-2016-7212
CVE-2016-7214
CVE-2016-7215
CVE-2016-7216
CVE-2016-7217
CVE-2016-7218
CVE-2016-7220
CVE-2016-7221
CVE-2016-7222
CVE-2016-7223
CVE-2016-7224
CVE-2016-7225
CVE-2016-7226

Impacts:

ACE

Related products:

Microsoft Windows

CVE-IDS:

CVE-2016-72027.5Critical
CVE-2016-72568.8Critical
CVE-2016-72557.8Critical
CVE-2016-72487.8Critical
CVE-2016-72477.5Critical
CVE-2016-72467.8Critical
CVE-2016-72387.8Critical
CVE-2016-72376.5High
CVE-2016-00267.8Critical
CVE-2016-33327.8Critical
CVE-2016-33337.8Critical
CVE-2016-33347.8Critical
CVE-2016-33357.8Critical
CVE-2016-33387.8Critical
CVE-2016-33407.8Critical
CVE-2016-33427.8Critical
CVE-2016-33437.8Critical
CVE-2016-71847.8Critical
CVE-2016-72058.8Critical
CVE-2016-72106.5High
CVE-2016-72127.8Critical
CVE-2016-72143.3Warning
CVE-2016-72157.8Critical
CVE-2016-72165.5High
CVE-2016-72178.8Critical
CVE-2016-72184.7Warning
CVE-2016-72203.3Warning
CVE-2016-72217.8Critical
CVE-2016-72227.8Critical
CVE-2016-72236.1High
CVE-2016-72246.1High
CVE-2016-72256.1High
CVE-2016-72266.1High

Microsoft official advisories:

KB list:

3200970
3181707
3193418
3194371
3196718
3197873
3197874
3197876
3197877
3198218
3198234
3198483
3198510
3198585
3198586
3203859
3208481

Exploitation:

Public exploits exist for this vulnerability.

References

Related

mskb 25
prion 28
kaspersky 1
cve 29
openvas 9
nessus 9
threatpost 1
mmpc 1
symantec 25
checkpoint_advisories 19
mscve 25
zdt 10
myhack58 1
fireeye 2
packetstorm 3
zdi 3
exploitpack 2
thn 1
seebug 1
attackerkb 2
cisa_kev 2
mskb
mskb
November 2016 Security Monthly Quality Rollup for Windows Server 2012
2016-11-08 08:00:00
November 2016 Security Monthly Quality Rollup for Windows 8.1 and Windows Server 2012 R2
2016-11-08 08:00:00
November 2016 Security Only Quality Update for Windows 8.1, and Windows Server 2012 R2
2016-11-08 08:00:00
prion
prion
Privilege escalation
2016-11-10 06:59:00
Privilege escalation
2016-11-10 06:59:00
Privilege escalation
2016-11-10 06:59:00
kaspersky
kaspersky
KLA11832 Multiple vulnerabilities in Microsoft Products (ESU)
2016-11-08 00:00:00
cve
cve
CVE-2016-3334
2016-11-10 06:59:00
CVE-2016-3332
2016-11-10 06:59:00
CVE-2016-3338
2016-11-10 06:59:00
openvas
openvas
Microsoft Windows Common Log File System Driver Elevation of Privilege Vulnerability (3193706)
2016-11-09 00:00:00
Microsoft Windows Kernel-Mode Drivers Multiple Vulnerabilities (3199135)
2016-11-09 00:00:00
Microsoft Graphics Component Multiple Vulnerabilities (3199120)
2016-11-09 00:00:00
nessus
nessus
MS16-134: Security Update for Common Log File System Driver (3193706)
2016-11-08 00:00:00
MS16-135: Security Update for Windows Kernel-Mode Drivers (3199135)
2016-11-08 00:00:00
MS16-138: Security Update for Microsoft Virtual Hard Disk Driver (3199647)
2016-11-08 00:00:00
threatpost
threatpost
Microsoft Patches Zero Day Disclosed by Google
2016-11-08 14:57:26
mmpc
mmpc
Hardening Windows 10 with zero-day exploit mitigations
2017-01-13 21:28:49
symantec
symantec
Microsoft Windows Video Control CVE-2016-7248 Remote Code Execution Vulnerability
2016-11-08 00:00:00
Microsoft Windows Kernel 'Win32k.sys' CVE-2016-7255 Local Privilege Escalation Vulnerability
2016-11-08 00:00:00
Microsoft Windows Kernel 'Bowser.sys' CVE-2016-7218 Information Disclosure Vulnerability
2016-11-08 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Win32k Elevation of Privilege (MS16-135: CVE-2016-7215)
2016-11-08 00:00:00
Microsoft Windows Win32k Elevation of Privilege (MS16-135: CVE-2016-7255)
2016-11-08 00:00:00
Microsoft Windows Open Type Font Remote Code Execution (MS16-132: CVE-2016-7256)
2016-11-08 00:00:00
mscve
mscve
Local Security Authority Subsystem Service Denial of Service Vulnerability
2016-11-08 08:00:00
Windows Bowser.sys Information Disclosure Vulnerability
2016-11-08 08:00:00
VHD Driver Elevation of Privilege Vulnerability
2016-11-08 08:00:00
zdt
zdt
Microsoft Windows Kernel - Registry Hive Loading 'nt!RtlEqualSid' Out-of-Bounds Read (MS
2016-11-16 00:00:00
Microsoft Windows Kernel - win32k.sys NtSetWindowLongPtr Privilege Escalation (MS16-135) (2)
2017-01-11 00:00:00
Microsoft Windows Kernel - win32k Denial of Service (MS16-135) Exploit
2016-11-10 00:00:00
myhack58
myhack58
“cerber”blackmailer for CVE-2016-7255 exploit analysis-exploit warning-the black bar safety net
2017-03-23 00:00:00
fireeye
fireeye
Cyber Espionage is Alive and Well: APT32 and the Threat to Global Corporations
2017-05-14 18:00:00
Cyber Espionage is Alive and Well: APT32 and the Threat to Global Corporations
2017-05-14 18:00:00
packetstorm
packetstorm
Microsoft Windows Kernel win32k.sys NtSetWindowLongPtr Privilege Escalation
2017-01-12 00:00:00
Microsoft Windows kernel win32k Denial Of Service
2016-11-14 00:00:00
LSASS SMB NTLM Exchange Remote Memory Corruption
2016-11-14 00:00:00
zdi
zdi
Microsoft Windows win32k.sys Bitmap Null Pointer Dereference Privilege Escalation Vulnerability
2016-11-08 00:00:00
Microsoft Internet Explorer Array.splice Memory Corruption Remote Code Execution Vulnerability
2017-06-21 00:00:00
Microsoft Windows NtUserMagSetContextInformation Kernel State Corruption Privilege Escalation Vulnerability
2016-11-08 00:00:00
exploitpack
exploitpack
Microsoft Windows Kernel - win32k.sys NtSetWindowLongPtr Local Privilege Escalation (MS16-135) (2)
2017-01-08 00:00:00
Microsoft Edge Scripting Engine - Memory Corruption (MS16-129)
2016-11-21 00:00:00
thn
thn
Microsoft Patches Windows Zero-Day Flaw Disclosed by Google
2016-11-09 06:12:00
seebug
seebug
Win32k elevation of privilege vulnerability MS16-135)(CVE-2016-7255)
2016-11-10 00:00:00
attackerkb
attackerkb
CVE-2016-7255
2016-11-10 00:00:00
CVE-2016-7256
2016-11-10 00:00:00
cisa_kev
cisa_kev
Microsoft Win32k Privilege Escalation Vulnerability
2021-11-03 00:00:00
Microsoft Windows Open Type Font Remote Code Execution Vulnerability
2022-05-25 00:00:00

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

9.1 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.927 High

EPSS

Percentile

99.0%

JSON
Related for KLA10897
mskb25prion28kaspersky1cve29openvas9nessus9threatpost1mmpc1symantec25checkpoint_advisories19mscve25zdt10myhack581fireeye2packetstorm3zdi3exploitpack2thn1seebug1attackerkb2cisa_kev2