DATABASE RESOURCES PRICING ABOUT US

{"id": "MS:CVE-2016-3252", "bulletinFamily": "microsoft", "title": "Windows Kernel Elevation of Privilege Vulnerability", "description": "An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n\nTo exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application to take control of an affected system.\n\nThe update addresses the vulnerability by correcting how the Windows kernel handles objects in memory.\n", "published": "2016-07-12T07:00:00", "modified": "2016-07-12T07:00:00", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.3, "impactScore": 5.9}, "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2016-3252", "reporter": "Microsoft", "references": [], "cvelist": ["CVE-2016-3252"], "immutableFields": [], "type": "mscve", "lastseen": "2022-10-26T18:28:17", "edition": 1, "viewCount": 3, "enchantments": {"backreferences": {"references": [{"idList": ["CVE-2016-3252"], "type": "cve"}, {"idList": ["CISA:574A6E25827684C587359C37EF1D5132"], "type": "cisa"}, {"idList": ["SMB_NT_MS16-090.NASL"], "type": "nessus"}, {"idList": ["KB3163017"], "type": "mskb"}, {"idList": ["SMNTC-91614"], "type": "symantec"}, {"idList": ["OPENVAS:1361412562310808577"], "type": "openvas"}, {"idList": ["THREATPOST:2C2827FBF9D900F4194802CE8C471B4C"], "type": "threatpost"}, {"idList": ["CPAI-2016-0569"], "type": "checkpoint_advisories"}]}, "dependencies": {"references": [{"idList": ["KB3171481", "KB3168965"], "type": "mskb"}, {"idList": ["SMB_NT_MS16-090.NASL"], "type": "nessus"}, {"idList": ["CVE-2016-3252", "CVE-2016-3249", "CVE-2016-3286", "CVE-2016-3254"], "type": "cve"}, {"idList": ["SMNTC-91614"], "type": "symantec"}, {"idList": ["OPENVAS:1361412562310808577"], "type": "openvas"}, {"idList": ["KLA11909", "KLA10840"], "type": "kaspersky"}, {"idList": ["CPAI-2016-0569"], "type": "checkpoint_advisories"}]}, "exploitation": null, "score": {"value": 3.3, "vector": "NONE"}, "vulnersScore": 3.3}, "_state": {"dependencies": 1666809388, "score": 1666809538}, "_internal": {"score_hash": "b210bd6e0f23393175066ba7f7332db2"}, "kbList": ["KB3163912", "KB3163017", "KB3163018", "KB3161664", "KB3168965", "KB3172985"], "msrc": "", "mscve": "CVE-2016-3252", "msAffectedSoftware": [{"kb": "KB3172985", "kbSupersedence": "KB3163018", "msplatform": "", "name": "windows 10 version 1511 for x64-based systems", "operator": "", "version": ""}, {"kb": "KB3168965", "kbSupersedence": "KB3161664", "msplatform": "", "name": "windows vista x64 edition service pack 2", "operator": "", "version": ""}, {"kb": "KB3168965", "kbSupersedence": "KB3161664", "msplatform": "", "name": "windows server 2008 for x64-based systems service pack 2", "operator": "", "version": ""}, {"kb": "KB3168965", "kbSupersedence": "KB3161664", "msplatform": "", "name": "windows server 2008 for itanium-based systems service pack 2", "operator": "", "version": ""}, {"kb": "KB3168965", "kbSupersedence": "KB3161664", "msplatform": "", "name": "windows 7 for x64-based systems service pack 1", "operator": "", "version": ""}, {"kb": "KB3168965", "kbSupersedence": "KB3161664", "msplatform": "", "name": "windows server 2008 r2 for x64-based systems service pack 1", "operator": "", "version": ""}, {"kb": "KB3163912", "kbSupersedence": "KB3163017", "msplatform": "", "name": "windows 10 for x64-based systems", "operator": "", "version": ""}, {"kb": "KB3168965", "kbSupersedence": "KB3161664", "msplatform": "", "name": "windows server 2008 for 32-bit systems service pack 2", "operator": "", "version": ""}, {"kb": "KB3168965", "kbSupersedence": "KB3161664", "msplatform": "", "name": "windows server 2012 r2", "operator": "", "version": ""}, {"kb": "KB3163912", "kbSupersedence": "KB3163017", "msplatform": "", "name": "windows 10 for 32-bit systems", "operator": "", "version": ""}, {"kb": "KB3168965", "kbSupersedence": "KB3161664", "msplatform": "", "name": "windows server 2008 for x64-based systems service pack 2 (server core installation)", "operator": "", "version": ""}, {"kb": "KB3168965", "kbSupersedence": "KB3161664", "msplatform": "", "name": "windows server 2008 r2 for itanium-based systems service pack 1", "operator": "", "version": ""}, {"kb": "KB3168965", "kbSupersedence": "KB3161664", "msplatform": "", "name": "windows 7 for 32-bit systems service pack 1", "operator": "", "version": ""}, {"kb": "KB3168965", "kbSupersedence": "KB3161664", "msplatform": "", "name": "windows rt 8.1", "operator": "", "version": ""}, {"kb": "KB3168965", "kbSupersedence": "KB3161664", "msplatform": "", "name": "windows server 2008 for 32-bit systems service pack 2 (server core installation)", "operator": "", "version": ""}, {"kb": "KB3168965", "kbSupersedence": "KB3161664", "msplatform": "", "name": "windows vista service pack 2", "operator": "", "version": ""}, {"kb": "KB3168965", "kbSupersedence": "KB3161664", "msplatform": "", "name": "windows 8.1 for x64-based systems", "operator": "", "version": ""}, {"kb": "KB3168965", "kbSupersedence": "KB3161664", "msplatform": "", "name": "windows server 2012 r2 (server core installation)", "operator": "", "version": ""}, {"kb": "KB3168965", "kbSupersedence": "KB3161664", "msplatform": "", "name": "windows server 2008 r2 for x64-based systems service pack 1 (server core installation)", "operator": "", "version": ""}, {"kb": "KB3172985", "kbSupersedence": "KB3163018", "msplatform": "", "name": "windows 10 version 1511 for 32-bit systems", "operator": "", "version": ""}, {"kb": "KB3168965", "kbSupersedence": "KB3161664", "msplatform": "", "name": "windows 8.1 for 32-bit systems", "operator": "", "version": ""}, {"kb": "KB3168965", "kbSupersedence": "KB3161664", "msplatform": "", "name": "windows server 2012 (server core installation)", "operator": "", "version": ""}, {"kb": "KB3168965", "kbSupersedence": "KB3161664", "msplatform": "", "name": "windows server 2012", "operator": "", "version": ""}], "vendorCvss": {"baseScore": "7.8", "temporalScore": "7.0", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C"}}

{"mskb": [{"lastseen": "2023-01-11T10:19:38", "description": "None\n## Summary\n\nThis security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application that could exploit the vulnerabilities and take control of an affected system. \n \n \nTo learn more about the vulnerability, see [Microsoft Security Bulletin MS16-090](<https://technet.microsoft.com/library/security/ms16-090>). \n\n## More Information\n\nImportant\n\n * All future security and non-security updates for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 require update [2919355](<http://support.microsoft.com/en-us/help/2919355>) to be installed. We recommend that you install update [2919355](<http://support.microsoft.com/en-us/help/2919355>) on your Windows RT 8.1-based, Windows 8.1-based, or Windows Server 2012 R2-based computer so that you receive future updates.\n * If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](<https://technet.microsoft.com/en-us/library/hh825699>). \n\n\n## \n\n__\n\nNon\u2013security-related fixes that are included in this security update\n\nThis security update also fixes the following non\u2013security-related issues: \n \n\n\n * In certain versions of the Bentley MicroStation app, customers might have problems accessing and arranging windows in the app. \n \nThe third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products. \n\n \n\n\nHow to obtain and install the update\n\nMethod 1: Windows UpdateThis update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see [Get security updates automatically](<https://www.microsoft.com/en-us/safety/pc-security/updates.aspx>). \n \nNote For Windows RT 8.1, this update is available through Windows Update only. \n\n\n## \n\n__\n\nMethod 2: Microsoft Download Center\n\nYou can obtain the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update. \n \nClick the download link in [Microsoft Security Bulletin MS16-090](<https://technet.microsoft.com/library/security/ms16-090>) that corresponds to the version of Windows that you are running. \n \n\n\nMore Information\n\n## \n\n__\n\nHow to obtain help and support for this security update\n\nHelp for installing updates: [Support for Microsoft Update](<http://support.microsoft.com/ph/6527>) \n \nSecurity solutions for IT professionals: [TechNet Security Troubleshooting and Support](<https://technet.microsoft.com/security/bb980617.aspx>) \n \nHelp for protecting your Windows-based computer from viruses and malware: [Virus Solution and Security Center](<http://support.microsoft.com/contactus/cu_sc_virsec_master>) \n \nLocal support according to your country: [International Support](<https://www.microsoft.com/en-us/locale.aspx>) \n\n\nFile Information\n\n## \n\n__\n\nFile hash information\n\nFile name| SHA1 hash| SHA256 hash \n---|---|--- \nWindows8.1-KB3168965-x86.msu| 375526148340BE7D7D38F820D027666956BA11E5| 4DABA6F50556A155D6F1F5F75786B6938E8C2D0D8D4C1C03A12AF3EF9AAD4CC6 \nWindows8.1-KB3168965-x64.msu| 883B41D191EFC9CCDCAD0F40350074A196459582| 9C31170CD3BF9C1EE96FB59BBFD4F73C083BE9FF95219401DD99262B99985CF2 \nWindows6.1-KB3168965-x64.msu| 936C2CDB1A9D11DEB25A2B28D98CD300EFF933FB| 89A96766CF55BF234EFD240B01FD3E83B4FC427F6E4F20111BB7AEB741D81E37 \nWindows8-RT-KB3168965-x64.msu| A0387735CB2BB6613867C62E57278FECD5FF3F3B| 1AFD6AD646861699177E66108CA1E71FBD6FACF0E200A5BFD36EC5547AE8569D \nWindows6.1-KB3168965-ia64.msu| 1ECA451381884C3E0795E6C41921FB732DF54C1E| F497493819886CCDACDFE5991A09B60DA96CC4495021C44AB29A9603491D1444 \nWindows6.0-KB3168965-ia64.msu| 8748F20332E93722F15AE994EA32399FC03FA859| 9299D9C1B9BE8DE25E44CB5CADFC4BDE8CFFE62E7C43196F6BE16E0047BAB36C \nWindows6.1-KB3168965-x86.msu| A083CD38F90820350A2BFFF0C1A609A841515D02| B695780266CEAA73AD1F30A772442A9772936087DAB1C10B9C44037D959EA073 \nWindows6.0-KB3168965-x64.msu| 4D6AF938468D6165C214A26CC6B5A5CEE23C6017| 4D4B46385E8DA83244B1CCC92A72F569933D14E338E0BB130FA2EB9339608DC6 \nWindows6.0-KB3168965-x86.msu| C8F26AFD260E995D14DEE85DA24C249C9ECB17E8| 2BB5E6DCE81C3A0FF9AB1344684872D075E6FBC3A6EFC9FA7D9941487DDDF9BF \n \n\n\n## \n\n__\n\nFile information\n\nThe English (United States) version of this software update installs files that have the attributes that are listed in the following tables.Windows 8.1 and Windows Server 2012 R2 file informationNotes\n\n * The files that apply to a specific product, milestone (RTM, SP**n**), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:Version| Product| Milestone| Service branch \n---|---|---|--- \n6.3.960 0.16**xxx**| Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2| RTM| GDR \n6.3.960 0.17**xxx**| Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2| RTM| GDR \n6.3.960 0.18**xxx**| Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2| RTM| GDR \n * GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.\n * The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.\nFor all supported x86-based versionsFile name| File version| File size| Date| Time| Platform \n---|---|---|---|---|--- \nWin32k.ptxml| Not applicable| 4,213| 21-Aug-2013| 23:39| Not applicable \nWin32k.sys| 6.3.9600.18377| 3,485,184| 10-Jun-2016| 19:06| x86 \nFor all supported x64-based versionsFile name| File version| File size| Date| Time| Platform \n---|---|---|---|---|--- \nWin32k.ptxml| Not applicable| 4,213| 22-Aug-2013| 06:44| Not applicable \nWin32k.sys| 6.3.9600.18377| 4,167,680| 10-Jun-2016| 21:35| x64 \nWow64_win32k.ptxml| Not applicable| 4,213| 21-Aug-2013| 23:39| Not applicable \nWindows 7 and Windows Server 2008 R2 file informationNotes\n\n * The files that apply to a specific product, milestone (RTM, SP**n**), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:Version| Product| Milestone| Service branch \n---|---|---|--- \n6.1.760 1.18**xxx**| Windows 7 or Windows Server 2008 R2| SP1| GDR \n6.1.760 1.23**xxx**| Windows 7 or Windows Server 2008 R2| SP1| LDR \n * GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.\n * The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.\nFor all supported x64-based versionsFile name| File version| File size| Date| Time| Platform \n---|---|---|---|---|--- \nSysmain.sdb| Not applicable| 125,290| 14-Jun-2016| 13:26| Not applicable \nWin32k.sys| 6.1.7601.23471| 3,217,408| 14-Jun-2016| 15:03| x64 \nAcres.dll| 6.1.7601.23471| 2,560| 14-Jun-2016| 15:21| x86 \nSysmain.sdb| Not applicable| 4,080,122| 14-Jun-2016| 13:27| Not applicable \nFor all supported ia64-based versionsFile name| File version| File size| Date| Time| Platform \n---|---|---|---|---|--- \nSysmain.sdb| Not applicable| 122,268| 14-Jun-2016| 13:25| Not applicable \nWin32k.sys| 6.1.7601.23471| 7,512,064| 14-Jun-2016| 14:52| IA-64 \nAcres.dll| 6.1.7601.23471| 2,560| 14-Jun-2016| 15:21| x86 \nSysmain.sdb| Not applicable| 4,080,122| 14-Jun-2016| 13:27| Not applicable \nFor all supported x86-based versionsFile name| File version| File size| Date| Time| Platform \n---|---|---|---|---|--- \nAcres.dll| 6.1.7601.23471| 2,560| 14-Jun-2016| 15:21| x86 \nSysmain.sdb| Not applicable| 4,080,122| 14-Jun-2016| 13:27| Not applicable \nWin32k.sys| 6.1.7601.23471| 2,398,208| 14-Jun-2016| 14:57| x86 \nWindows Server 2012 file informationNotes\n\n * The files that apply to a specific product, milestone (RTM, SP**n**), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:Version| Product| Milestone| Service branch \n---|---|---|--- \n6.2.920 0.17**xxx**| Windows 8, Windows RT, or Windows Server 2012| RTM| GDR \n6.2.920 0.21**xxx**| Windows 8, Windows RT, or Windows Server 2012| RTM| LDR \n * GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.\n * The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.\nFor all supported x64-based versionsFile name| File version| File size| Date| Time| Platform \n---|---|---|---|---|--- \nWin32k.ptxml| Not applicable| 4,172| 25-Jul-2012| 20:29| Not applicable \nWin32k.sys| 6.2.9200.21896| 4,050,432| 10-Jun-2016| 23:17| x64 \nWow64_win32k.ptxml| Not applicable| 4,172| 12-Feb-2013| 00:09| Not applicable \nWindows Vista and Windows Server 2008 file informationNotes\n\n * The files that apply to a specific product, milestone (RTM, SP**n**), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:Version| Product| Milestone| Service branch \n---|---|---|--- \n6.0.600 2.19**xxx**| Windows Vista or Windows Server 2008| SP2| GDR \n6.0.600 2.23**xxx**| Windows Vista or Windows Server 2008| SP2| LDR \n * GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.\n * The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.\nFor all supported ia64-based versionsFile name| File version| File size| Date| Time| Platform \n---|---|---|---|---|--- \nWin32k.sys| 6.0.6002.19664| 6,697,472| 10-Jun-2016| 14:27| IA-64 \nWin32k.sys| 6.0.6002.23979| 6,707,200| 10-Jun-2016| 14:23| IA-64 \nFor all supported x64-based versionsFile name| File version| File size| Date| Time| Platform \n---|---|---|---|---|--- \nWin32k.sys| 6.0.6002.19664| 2,802,176| 10-Jun-2016| 14:45| x64 \nWin32k.sys| 6.0.6002.23979| 2,804,736| 10-Jun-2016| 14:41| x64 \nFor all supported x86-based versionsFile name| File version| File size| Date| Time| Platform \n---|---|---|---|---|--- \nWin32k.sys| 6.0.6002.19664| 2,071,040| 10-Jun-2016| 14:19| x86 \nWin32k.sys| 6.0.6002.23979| 2,079,744| 10-Jun-2016| 14:23| x86 \n \n\n", "cvss3": {"exploitabilityScore": 1.3, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.3, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-07-12T07:00:00", "type": "mskb", "title": "MS16-090: Description of the security update for Windows kernel-mode drivers: July 12, 2016", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-3252"], "modified": "2016-07-12T07:00:00", "id": "KB3168965", "href": "https://support.microsoft.com/en-us/help/3168965", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T22:44:00", "description": "<html><body><p>Resolves a vulnerability in Windows that could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application that could exploit the vulnerabilities and take control of an affected system.</p><h2>Summary</h2><div class=\"kb-summary-section section\">This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application that could exploit the vulnerabilities and take control of an affected system. <br/><br/>To learn more about the vulnerability, see <a href=\"https://technet.microsoft.com/library/security/ms16-090\" id=\"kb-link-2\" target=\"_self\">Microsoft Security Bulletin MS16-090</a>. </div><h2>More Information</h2><div class=\"kb-moreinformation-section section\"><span class=\"text-base\">Important</span><br/><br/><ul class=\"sbody-free_list\"><li>All future security and non-security updates for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 require update <a href=\"https://support.microsoft.com/en-us/help/2919355\" id=\"kb-link-3\" target=\"_self\">2919355</a> to be installed. We recommend that you install update <a href=\"https://support.microsoft.com/en-us/help/2919355\" id=\"kb-link-4\" target=\"_self\">2919355</a> on your Windows RT 8.1-based, Windows 8.1-based, or Windows Server 2012 R2-based computer so that you receive future updates. </li><li>If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see <a href=\"https://technet.microsoft.com/en-us/library/hh825699\" id=\"kb-link-5\" target=\"_self\">Add language packs to Windows</a>.<br/></li></ul></div><h2>Additional information about this security update</h2><div class=\"kb-moreinformation-section section\"><br/>The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information.<br/><br/><ul class=\"sbody-free_list\"><li><a href=\"https://support.microsoft.com/help/3168965\" id=\"kb-link-6\" target=\"_self\">3168965</a> MS16-090: Description of the security update for Windows kernel-mode drivers: July 12, 2016 </li><li><a href=\"https://support.microsoft.com/help/3163912\" id=\"kb-link-7\" target=\"_self\">3163912</a> Cumulative update for Windows 10: July 12, 2016</li><li><a href=\"https://support.microsoft.com/help/3172985 \" id=\"kb-link-8\" target=\"_self\">3172985</a> Cumulative update for Windows 10 Version 1511 and Windows Server 2016 Technical Preview 4: July 12, 2016</li></ul></div><h2>How to obtain and install the update</h2><div class=\"kb-resolution-section section\"><a class=\"bookmark\" id=\"obtaintheupdate\"></a><h3 class=\"sbody-h3\">Method 1: Windows Update</h3><div class=\"kb-collapsible kb-collapsible-expanded\">This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see <br/><a href=\"https://www.microsoft.com/en-us/safety/pc-security/updates.aspx\" id=\"kb-link-10\" target=\"_self\">Get security updates automatically</a>.<br/><br/><span class=\"text-base\">Note</span> For Windows RT 8.1, this update is available through Windows Update only.<br/></div><div class=\"faq-section\" faq-section=\"\"><div class=\"faq-panel\"><div class=\"faq-panel-heading\" faq-panel-heading=\"\"><span class=\"link-expand-image\"><span class=\"faq-chevron win-icon win-icon-ChevronUpSmall\"></span></span><span class=\"bold btn-link link-expand-text\"><span class=\"bold btn-link\">Method 2: Microsoft Download Center</span></span></div><div class=\"faq-panel-body\" faq-panel-body=\"\"><span><div class=\"kb-collapsible kb-collapsible-collapsed\">You can obtain the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.<br/><br/>Click the download link in <a href=\"https://technet.microsoft.com/library/security/ms16-090\" id=\"kb-link-11\" target=\"_self\">Microsoft Security Bulletin MS16-090</a> that corresponds to the version of Windows that you are running. <br/></div><br/></span></div></div></div></div><h2>More Information</h2><div class=\"kb-moreinformation-section section\"><div class=\"faq-section\" faq-section=\"\"><div class=\"faq-panel\"><div class=\"faq-panel-heading\" faq-panel-heading=\"\"><span class=\"link-expand-image\"><span class=\"faq-chevron win-icon win-icon-ChevronUpSmall\"></span></span><span class=\"bold btn-link link-expand-text\"><span class=\"bold btn-link\">Security update deployment information<br/></span></span></div><div class=\"faq-panel-body\" faq-panel-body=\"\"><span><div class=\"kb-collapsible kb-collapsible-collapsed\"><h4 class=\"sbody-h4\"> Windows Vista (all editions)</h4><span class=\"text-base\">Reference table</span><br/><br/>The following table contains the security update information for this software.<br/><br/><br/><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Security update file names</span></td><td class=\"sbody-td\">For all supported 32-bit editions of Windows Vista:<br/><span class=\"text-base\">Windows6.0-KB3168965-x86.msu</span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"></td><td class=\"sbody-td\">For all supported x64-based editions of Windows Vista:<br/><span class=\"text-base\">Windows6.0-KB3168965-x64.msu</span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Installation switches</span></td><td class=\"sbody-td\">See <a href=\"https://support.microsoft.com/help/934307\" id=\"kb-link-12\" target=\"_self\">Microsoft Knowledge Base Article 934307</a></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Restart requirement</span></td><td class=\"sbody-td\">A system restart is required after you apply this security update. </td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Removal information</span></td><td class=\"sbody-td\">WUSA.exe does not support uninstalling updates. To uninstall an update that is installed by WUSA, click <strong class=\"uiterm\">Control Panel</strong>, and then click <strong class=\"uiterm\">Security</strong>. Under <strong class=\"uiterm\">Windows Update</strong>, click <strong class=\"uiterm\">View installed updates</strong>, and then select from the list of updates.</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">File information</span></td><td class=\"sbody-td\">See <a href=\"https://support.microsoft.com/help/3168965\" id=\"kb-link-13\" target=\"_self\">Microsoft Knowledge Base Article 3168965</a></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Registry key verification</span></td><td class=\"sbody-td\"><span class=\"text-base\">Note</span> A registry key does not exist to validate the presence of this update. </td></tr></table></div><h4 class=\"sbody-h4\"> Windows Server 2008 (all editions)</h4><span class=\"text-base\">Reference table</span><br/><br/>The following table contains the security update information for this software.<br/><br/><br/><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Security update file names</span></td><td class=\"sbody-td\">For all supported 32-bit editions of Windows Server 2008:<br/><span class=\"text-base\">Windows6.0-KB3168965-x86.msu</span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"></td><td class=\"sbody-td\">For all supported x64-based editions of Windows Server 2008:<br/><span class=\"text-base\">Windows6.0-KB3168965-x64.msu</span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"></td><td class=\"sbody-td\">For all supported Itanium-based editions of Windows Server 2008:<br/><span class=\"text-base\">Windows6.0-KB3168965-ia64.msu</span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Installation switches</span></td><td class=\"sbody-td\">See <a href=\"https://support.microsoft.com/help/934307\" id=\"kb-link-14\" target=\"_self\">Microsoft Knowledge Base Article 934307</a></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Restart requirement</span></td><td class=\"sbody-td\">A system restart is required after you apply this security update. </td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Removal information</span></td><td class=\"sbody-td\">WUSA.exe does not support uninstalling updates. To uninstall an update that is installed by WUSA, click <strong class=\"uiterm\">Control Panel</strong>, and then click <strong class=\"uiterm\">Security</strong>. Under <strong class=\"uiterm\">Windows Update</strong>, click <strong class=\"uiterm\">View installed updates</strong>, and then select from the list of updates.</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">File information</span></td><td class=\"sbody-td\">See <a href=\"https://support.microsoft.com/help/3168965\" id=\"kb-link-15\" target=\"_self\">Microsoft Knowledge Base Article 3168965</a></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Registry key verification</span></td><td class=\"sbody-td\"><span class=\"text-base\">Note</span> A registry key does not exist to validate the presence of this update. </td></tr></table></div><h4 class=\"sbody-h4\">Windows 7 (all editions)</h4><span class=\"text-base\">Reference table</span><br/><br/>The following table contains the security update information for this software.<br/><br/><br/><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Security update file name</span></td><td class=\"sbody-td\">For all supported 32-bit editions of Windows 7:<br/><span class=\"text-base\">Windows6.1-KB3168965-x86.msu</span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"></td><td class=\"sbody-td\">For all supported x64-based editions of Windows 7:<br/><span class=\"text-base\">Windows6.1-KB3168965-x64.msu</span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Installation switches</span></td><td class=\"sbody-td\">See <a href=\"https://support.microsoft.com/help/934307\" id=\"kb-link-16\" target=\"_self\">Microsoft Knowledge Base Article 934307</a></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Restart requirement</span></td><td class=\"sbody-td\">A system restart is required after you apply this security update. </td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Removal information</span></td><td class=\"sbody-td\">To uninstall an update that is installed by WUSA, use the <span class=\"text-base\">/Uninstall</span> setup switch or click <strong class=\"uiterm\">Control Panel</strong>, click <strong class=\"uiterm\">System and Security</strong>, click <strong class=\"uiterm\">Windows Update</strong>, click <strong class=\"uiterm\">View installed updates</strong>, and then select from the list of updates.</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">File information</span></td><td class=\"sbody-td\">See <a href=\"https://support.microsoft.com/help/3168965\" id=\"kb-link-17\" target=\"_self\">Microsoft Knowledge Base Article 3168965</a></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Registry key verification</span></td><td class=\"sbody-td\"><span class=\"text-base\">Note</span> A registry key does not exist to validate the presence of this update. </td></tr></table></div><h4 class=\"sbody-h4\">Windows Server 2008 R2 (all editions)</h4><span class=\"text-base\">Reference table</span><br/><br/>The following table contains the security update information for this software.<br/><br/><br/><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Security update file name</span></td><td class=\"sbody-td\">For all supported x64-based editions of Windows Server 2008 R2:<br/><span class=\"text-base\">Windows6.1-KB3168965-x64.msu</span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"></td><td class=\"sbody-td\">For all supported Itanium-based editions of Windows Server 2008 R2:<br/><span class=\"text-base\">Windows6.1-KB3168965-ia64.msu</span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Installation switches</span></td><td class=\"sbody-td\">See <a href=\"https://support.microsoft.com/help/934307\" id=\"kb-link-18\" target=\"_self\">Microsoft Knowledge Base Article 934307</a></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Restart requirement</span></td><td class=\"sbody-td\">A system restart is required after you apply this security update. </td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Removal information</span></td><td class=\"sbody-td\">To uninstall an update that is installed by WUSA, use the <span class=\"text-base\">/Uninstall</span> setup switch or click <strong class=\"uiterm\">Control Panel</strong>, click <strong class=\"uiterm\">System and Security</strong>, click <strong class=\"uiterm\">Windows Update</strong>, click <strong class=\"uiterm\">View installed updates</strong>, and then select from the list of updates.</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">File information</span></td><td class=\"sbody-td\">See <a href=\"https://support.microsoft.com/help/3168965\" id=\"kb-link-19\" target=\"_self\">Microsoft Knowledge Base Article 3168965</a></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Registry key verification</span></td><td class=\"sbody-td\"><span class=\"text-base\">Note</span> A registry key does not exist to validate the presence of this update. </td></tr></table></div><h4 class=\"sbody-h4\">Windows 8.1 (all editions)</h4><span class=\"text-base\">Reference table</span><br/><br/>The following table contains the security update information for this software.<br/><br/><br/><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Security update file name</span></td><td class=\"sbody-td\">For all supported 32-bit editions of Windows 8.1:<br/><span class=\"text-base\">Windows8.1-KB3168965-x86.msu</span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"></td><td class=\"sbody-td\">For all supported x64-based editions of Windows 8.1:<br/><span class=\"text-base\">Windows8.1-KB3168965-x64.msu</span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Installation switches</span></td><td class=\"sbody-td\">See <a href=\"https://support.microsoft.com/help/934307\" id=\"kb-link-20\" target=\"_self\">Microsoft Knowledge Base Article 934307</a></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Restart requirement</span></td><td class=\"sbody-td\">A system restart is required after you apply this security update. </td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Removal information</span></td><td class=\"sbody-td\">To uninstall an update that is installed by WUSA, use the <span class=\"text-base\">/Uninstall</span> setup switch or click <strong class=\"uiterm\">Control Panel</strong>, click <strong class=\"uiterm\">System and Security</strong>, click <strong class=\"uiterm\">Windows Update</strong>, click <strong class=\"uiterm\">Installed updates</strong> under <strong class=\"uiterm\">See also</strong>, and then select from the list of updates.</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">File information</span></td><td class=\"sbody-td\">See <a href=\"https://support.microsoft.com/help/3168965\" id=\"kb-link-21\" target=\"_self\">Microsoft Knowledge Base Article 3168965</a></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Registry key verification</span></td><td class=\"sbody-td\"><span class=\"text-base\">Note</span> A registry key does not exist to validate the presence of this update. </td></tr></table></div><h4 class=\"sbody-h4\">Windows Server 2012 and Windows Server 2012 R2 (all editions)</h4><span class=\"text-base\">Reference table</span><br/><br/>The following table contains the security update information for this software.<br/><br/><br/><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Security update file name</span></td><td class=\"sbody-td\">For all supported editions of Windows Server 2012:<br/><span class=\"text-base\">Windows8-RT-KB3168965-x64.msu</span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"></td><td class=\"sbody-td\">For all supported editions of Windows Server 2012 R2:<br/><span class=\"text-base\">Windows8.1-KB3168965-x64.msu</span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Installation switches</span></td><td class=\"sbody-td\">See <a href=\"https://support.microsoft.com/help/934307\" id=\"kb-link-22\" target=\"_self\">Microsoft Knowledge Base Article 934307</a></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Restart requirement</span></td><td class=\"sbody-td\">A system restart is required after you apply this security update. </td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Removal information</span></td><td class=\"sbody-td\">To uninstall an update that is installed by WUSA, use the <span class=\"text-base\">/Uninstall</span> setup switch or click <strong class=\"uiterm\">Control Panel</strong>, click <strong class=\"uiterm\">System and Security</strong>, click <strong class=\"uiterm\">Windows Update</strong>, click <strong class=\"uiterm\">Installed updates</strong> under <strong class=\"uiterm\">See also</strong>, and then select from the list of updates.</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">File information</span></td><td class=\"sbody-td\">See <a href=\"https://support.microsoft.com/help/3168965\" id=\"kb-link-23\" target=\"_self\">Microsoft Knowledge Base Article 3168965</a></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Registry key verification</span></td><td class=\"sbody-td\"><span class=\"text-base\">Note</span> A registry key does not exist to validate the presence of this update. </td></tr></table></div><h4 class=\"sbody-h4\">Windows RT 8.1 (all editions)</h4><span class=\"text-base\">Reference table</span><br/><br/>The following table contains the security update information for this software.<br/><br/><br/><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Deployment</span></td><td class=\"sbody-td\">The 3168965 update is available via <a href=\"http://go.microsoft.com/fwlink/?linkid=21130\" id=\"kb-link-24\" target=\"_self\">Windows Update</a> only. </td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Restart Requirement</span></td><td class=\"sbody-td\">A system restart is required after you apply this security update. </td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Removal Information</span></td><td class=\"sbody-td\">Click <strong class=\"uiterm\">Control Panel</strong>, click <strong class=\"uiterm\">System and Security</strong>, and then click <strong class=\"uiterm\">Windows Update</strong>. Under <span class=\"sbody-userinput\">See also</span>, click <span class=\"text-base\">Installed updates</span>, and then select from the list of updates. </td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">File Information</span></td><td class=\"sbody-td\">See <a href=\"https://support.microsoft.com/help/3168965\" id=\"kb-link-25\" target=\"_self\">Microsoft Knowledge Base Article 3168965</a></td></tr></table></div><h4 class=\"sbody-h4\">Windows 10 (all editions)</h4><span class=\"text-base\">Reference table</span><br/><br/>The following table contains the security update information for this software.<br/><br/><br/><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Security update file name</span></td><td class=\"sbody-td\">For all supported 32-bit editions of Windows 10:<br/><span class=\"text-base\">Windows10.0-KB3163912-x86.msu</span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"></td><td class=\"sbody-td\">For all supported x64-based editions of Windows 10:<br/><span class=\"text-base\">Windows10.0-KB3163912-x64.msu</span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"></td><td class=\"sbody-td\">For all supported 32-bit editions of Windows 10 Version 1511:<br/><span class=\"text-base\">Windows10.0-KB3172985-x86.msu</span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"></td><td class=\"sbody-td\">For all supported x64-based editions of Windows 10 Version 1511:<br/><span class=\"text-base\">Windows10.0-KB3172985-x64.msu</span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Installation switches</span></td><td class=\"sbody-td\">See <a href=\"https://support.microsoft.com/help/934307\" id=\"kb-link-26\" target=\"_self\">Microsoft Knowledge Base Article 934307</a></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Restart requirement</span></td><td class=\"sbody-td\">A system restart is required after you apply this security update. </td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Removal information</span></td><td class=\"sbody-td\">To uninstall an update that is installed by WUSA, use the <span class=\"text-base\">/Uninstall</span> setup switch or click <strong class=\"uiterm\">Control Panel</strong>, click <strong class=\"uiterm\">System and Security</strong>, click <strong class=\"uiterm\">Windows Update</strong>, click <strong class=\"uiterm\">Installed updates</strong> under <strong class=\"uiterm\">See also</strong>, and then select from the list of updates.</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">File information</span></td><td class=\"sbody-td\">See <a href=\"https://support.microsoft.com/help/3163912\" id=\"kb-link-27\" target=\"_self\">Microsoft Knowledge Base Article 3163912</a><br/>See <a href=\"https://support.microsoft.com/help/3172985\" id=\"kb-link-28\" target=\"_self\">Microsoft Knowledge Base Article 3172985</a></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Registry key verification</span></td><td class=\"sbody-td\"><span class=\"text-base\">Note</span> A registry key does not exist to validate the presence of this update. </td></tr></table></div></div><br/></span></div></div></div><div class=\"faq-section\" faq-section=\"\"><div class=\"faq-panel\"><div class=\"faq-panel-heading\" faq-panel-heading=\"\"><span class=\"link-expand-image\"><span class=\"faq-chevron win-icon win-icon-ChevronUpSmall\"></span></span><span class=\"bold btn-link link-expand-text\"><span class=\"bold btn-link\">How to obtain help and support for this security update</span></span></div><div class=\"faq-panel-body\" faq-panel-body=\"\"><span><div class=\"kb-collapsible kb-collapsible-collapsed\">Help for installing updates: <a href=\"https://support.microsoft.com/ph/6527\" id=\"kb-link-29\" target=\"_self\">Support for Microsoft Update</a><br/><br/>Security solutions for IT professionals: <a href=\"https://technet.microsoft.com/security/bb980617.aspx\" id=\"kb-link-30\" target=\"_self\">TechNet Security Troubleshooting and Support</a><br/><br/>Help for protecting your Windows-based computer from viruses and malware: <a href=\"https://support.microsoft.com/contactus/cu_sc_virsec_master\" id=\"kb-link-31\" target=\"_self\">Virus Solution and Security Center</a><br/><br/>Local support according to your country: <a href=\"https://www.microsoft.com/en-us/locale.aspx\" id=\"kb-link-32\" target=\"_self\">International Support</a></div><br/></span></div></div></div><a class=\"bookmark\" id=\"fileinfo\"></a></div></body></html>", "edition": 2, "cvss3": {"exploitabilityScore": 1.3, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.3, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-07-12T00:00:00", "type": "mskb", "title": "MS16-090: Security update for Windows kernel-mode drivers: July 12, 2016", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-3250", "CVE-2016-3252", "CVE-2016-3249", "CVE-2016-3251", "CVE-2016-3286", "CVE-2016-3254"], "modified": "2016-07-12T19:26:56", "id": "KB3171481", "href": "https://support.microsoft.com/en-us/help/3171481/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "checkpoint_advisories": [{"lastseen": "2021-12-17T12:00:56", "description": "An elevation of privilege vulnerability exists in Windows Kernel. The vulnerability is caused when the Windows kernel-mode driver fails to properly handle objects in memory. A remote attacker can exploit this vulnerability by running a specially crafted application.", "cvss3": {"exploitabilityScore": 1.3, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.3, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-07-12T00:00:00", "type": "checkpoint_advisories", "title": "Microsoft Win32k Elevation of Privilege (MS16-090 : CVE-2016-3252)", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-3252"], "modified": "2016-07-12T00:00:00", "id": "CPAI-2016-0569", "href": "", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "symantec": [{"lastseen": "2021-06-08T19:05:16", "description": "### Description\n\nMicrosoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges.\n\n### Technologies Affected\n\n * Microsoft Windows 10 for 32-bit Systems \n * Microsoft Windows 10 for x64-based Systems \n * Microsoft Windows 10 version 1511 for 32-bit Systems \n * Microsoft Windows 10 version 1511 for x64-based Systems \n * Microsoft Windows 7 for 32-bit Systems SP1 \n * Microsoft Windows 7 for x64-based Systems SP1 \n * Microsoft Windows 8.1 for 32-bit Systems \n * Microsoft Windows 8.1 for x64-based Systems \n * Microsoft Windows RT 8.1 \n * Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 \n * Microsoft Windows Server 2008 R2 for x64-based Systems SP1 \n * Microsoft Windows Server 2008 for 32-bit Systems SP2 \n * Microsoft Windows Server 2008 for Itanium-based Systems SP2 \n * Microsoft Windows Server 2008 for x64-based Systems SP2 \n * Microsoft Windows Server 2012 \n * Microsoft Windows Server 2012 R2 \n * Microsoft Windows Vista Service Pack 2 \n * Microsoft Windows Vista x64 Edition Service Pack 2 \n\n### Recommendations\n\n**Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.** \nTo exploit this vulnerability, an attacker requires local access to an affected computer. Grant local access for trusted and accountable users only. \n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "edition": 2, "cvss3": {}, "published": "2016-07-12T00:00:00", "type": "symantec", "title": "Microsoft Windows Kernel 'Win32k.sys' CVE-2016-3252 Local Privilege Escalation Vulnerability", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2016-3252"], "modified": "2016-07-12T00:00:00", "id": "SMNTC-91614", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/91614", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "cve": [{"lastseen": "2022-03-23T13:20:08", "description": "The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka \"Win32k Elevation of Privilege Vulnerability,\" a different vulnerability than CVE-2016-3249, CVE-2016-3254, and CVE-2016-3286.", "cvss3": {"exploitabilityScore": 1.3, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.3, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-07-13T01:59:00", "type": "cve", "title": "CVE-2016-3252", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-3249", "CVE-2016-3252", "CVE-2016-3254", "CVE-2016-3286"], "modified": "2018-10-12T22:12:00", "cpe": ["cpe:/o:microsoft:windows_vista:*", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:1511", "cpe:/o:microsoft:windows_server_2008:*", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_7:*", "cpe:/o:microsoft:windows_8.1:*"], "id": "CVE-2016-3252", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3252", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T13:20:11", "description": "The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka \"Win32k Elevation of Privilege Vulnerability,\" a different vulnerability than CVE-2016-3249, CVE-2016-3252, and CVE-2016-3286.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-07-13T01:59:00", "type": "cve", "title": "CVE-2016-3254", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-3249", "CVE-2016-3252", "CVE-2016-3254", "CVE-2016-3286"], "modified": "2018-10-12T22:12:00", "cpe": ["cpe:/o:microsoft:windows_vista:*", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:1511", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_8.1:*", "cpe:/o:microsoft:windows_7:*", "cpe:/o:microsoft:windows_server_2008:*"], "id": "CVE-2016-3254", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3254", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T13:20:00", "description": "The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka \"Win32k Elevation of Privilege Vulnerability,\" a different vulnerability than CVE-2016-3252, CVE-2016-3254, and CVE-2016-3286.", "cvss3": {"exploitabilityScore": 1.3, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.3, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-07-13T01:59:00", "type": "cve", "title": "CVE-2016-3249", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-3249", "CVE-2016-3252", "CVE-2016-3254", "CVE-2016-3286"], "modified": "2018-10-12T22:12:00", "cpe": ["cpe:/o:microsoft:windows_vista:*", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:1511", "cpe:/o:microsoft:windows_server_2008:*", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_7:*", "cpe:/o:microsoft:windows_8.1:*"], "id": "CVE-2016-3249", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3249", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T13:20:56", "description": "The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka \"Win32k Elevation of Privilege Vulnerability,\" a different vulnerability than CVE-2016-3249, CVE-2016-3252, and CVE-2016-3254.", "cvss3": {"exploitabilityScore": 1.3, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.3, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-07-13T01:59:00", "type": "cve", "title": "CVE-2016-3286", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-3249", "CVE-2016-3252", "CVE-2016-3254", "CVE-2016-3286"], "modified": "2018-10-12T22:12:00", "cpe": ["cpe:/o:microsoft:windows_vista:*", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:1511", "cpe:/o:microsoft:windows_server_2008:*", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_7:*", "cpe:/o:microsoft:windows_8.1:*"], "id": "CVE-2016-3286", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3286", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*"]}], "nessus": [{"lastseen": "2023-01-11T16:40:16", "description": "The remote Windows host is missing a security update. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple elevation of privilege vulnerabilities exist in the kernel-mode driver due to improper handling of objects in memory. An authenticated, remote attacker can exploit these, via a specially crafted application, to run arbitrary code in kernel mode. (CVE-2016-3249, CVE-2016-3250, CVE-2016-3252, CVE-2016-3254, CVE-2016-3286)\n\n - An information disclosure vulnerability exists in the Windows GDI component due improper handling of objects in memory. An authenticated, remote attacker can exploit this, via a specially crafted application, to disclose kernel memory addresses. (CVE-2016-3251)", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-07-12T00:00:00", "type": "nessus", "title": "MS16-090: Security Update for Windows Kernel-Mode Drivers (3171481)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-3249", "CVE-2016-3250", "CVE-2016-3251", "CVE-2016-3252", "CVE-2016-3254", "CVE-2016-3286"], "modified": "2019-11-19T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS16-090.NASL", "href": "https://www.tenable.com/plugins/nessus/92021", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(92021);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2019/11/19\");\n\n script_cve_id(\n \"CVE-2016-3249\",\n \"CVE-2016-3250\",\n \"CVE-2016-3251\",\n \"CVE-2016-3252\",\n \"CVE-2016-3254\",\n \"CVE-2016-3286\"\n );\n script_bugtraq_id(\n 91597,\n 91600,\n 91613,\n 91614,\n 91615,\n 91616\n );\n script_xref(name:\"MSFT\", value:\"MS16-090\");\n script_xref(name:\"MSKB\", value:\"3163912\");\n script_xref(name:\"MSKB\", value:\"3168965\");\n script_xref(name:\"MSKB\", value:\"3172985\");\n\n script_name(english:\"MS16-090: Security Update for Windows Kernel-Mode Drivers (3171481)\");\n script_summary(english:\"Checks version of win32k.sys.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing a security update. It is,\ntherefore, affected by multiple vulnerabilities :\n\n - Multiple elevation of privilege vulnerabilities exist in\n the kernel-mode driver due to improper handling of\n objects in memory. An authenticated, remote attacker can\n exploit these, via a specially crafted application, to\n run arbitrary code in kernel mode. (CVE-2016-3249,\n CVE-2016-3250, CVE-2016-3252, CVE-2016-3254,\n CVE-2016-3286)\n\n - An information disclosure vulnerability exists in the\n Windows GDI component due improper handling of objects\n in memory. An authenticated, remote attacker can exploit\n this, via a specially crafted application, to disclose\n kernel memory addresses. (CVE-2016-3251)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2016/ms16-090\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released a set of patches for Windows Vista, 2008, 7,\n2008 R2, 2012, 8.1, 2012 R2, and 10.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-3286\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/07/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/07/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = 'MS16-090';\nkbs = make_list(\n \"3163912\",\n \"3168965\",\n \"3172985\"\n);\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\nif (\"Windows 8\" >< productname && \"8.1\" >!< productname)\n audit(AUDIT_OS_SP_NOT_VULN);\n\nif (hotfix_check_sp_range(vista:'2', win7:'1', win8:'0', win81:'0', win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\n\nif (\n # 10 threshold 2 (aka 1511)\n hotfix_is_vulnerable(os:\"10\", sp:0, file:\"win32kfull.sys\", version:\"10.0.10586.494\", os_build:\"10586\", dir:\"\\system32\", bulletin:bulletin, kb:\"3172985\") ||\n\n # 10 RTM\n hotfix_is_vulnerable(os:\"10\", sp:0, file:\"win32kfull.sys\", version:\"10.0.10240.17022\", os_build:\"10240\", dir:\"\\system32\", bulletin:bulletin, kb:\"3163912\") ||\n\n # Windows 8.1 / Windows Server 2012 R2\n hotfix_is_vulnerable(os:\"6.3\", sp:0, file:\"win32k.sys\", version:\"6.3.9600.18377\", min_version:\"6.3.9600.16000\", dir:\"\\system32\", bulletin:bulletin, kb:\"3168965\") ||\n\n # Windows 8 / Windows Server 2012\n hotfix_is_vulnerable(os:\"6.2\", sp:0, file:\"win32k.sys\", version:\"6.2.9200.21896\", min_version:\"6.2.9200.16000\", dir:\"\\system32\", bulletin:bulletin, kb:\"3168965\") ||\n\n # Windows 7 / Server 2008 R2\n hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"win32k.sys\", version:\"6.1.7601.23471\", min_version:\"6.1.7600.16000\", dir:\"\\system32\", bulletin:bulletin, kb:\"3168965\") ||\n\n # Vista / Windows Server 2008\n hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"win32k.sys\", version:\"6.0.6002.23979\", min_version:\"6.0.6002.23000\", dir:\"\\system32\", bulletin:bulletin, kb:\"3168965\") ||\n hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"win32k.sys\", version:\"6.0.6002.19664\", min_version:\"6.0.6001.18000\", dir:\"\\system32\", bulletin:bulletin, kb:\"3168965\")\n)\n{\n set_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, 'affected');\n}\n\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2020-06-10T19:47:27", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-3250", "CVE-2016-3252", "CVE-2016-3249", "CVE-2016-3251", "CVE-2016-3286", "CVE-2016-3254"], "description": "This host is missing an important security\n update according to Microsoft Bulletin MS16-090.", "modified": "2020-06-08T00:00:00", "published": "2016-07-13T00:00:00", "id": "OPENVAS:1361412562310808577", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808577", "type": "openvas", "title": "Microsoft Kernel-Mode Drivers Multiple Privilege Elevation Vulnerabilities (3171481)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Kernel-Mode Drivers Multiple Privilege Elevation Vulnerabilities (3171481)\n#\n# Authors:\n# Tushar Khelge <ktushar@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808577\");\n script_version(\"2020-06-08T14:40:48+0000\");\n script_cve_id(\"CVE-2016-3249\", \"CVE-2016-3250\", \"CVE-2016-3251\", \"CVE-2016-3252\",\n \"CVE-2016-3254\", \"CVE-2016-3286\");\n script_bugtraq_id(91597, 91613, 91600, 91614, 91615, 91616);\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-08 14:40:48 +0000 (Mon, 08 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-07-13 08:12:28 +0530 (Wed, 13 Jul 2016)\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_name(\"Microsoft Kernel-Mode Drivers Multiple Privilege Elevation Vulnerabilities (3171481)\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security\n update according to Microsoft Bulletin MS16-090.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The multiple flaws exist,\n\n - When the Windows kernel-mode driver fails to properly handle objects in\n memory.\n\n - When the Windows GDI component improperly discloses kernel memory addresses.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an\n attacker to run arbitrary code in kernel mode, and obtain information to\n further compromise the user's system.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows Vista x32/x64 Service Pack 2\n\n - Microsoft Windows Server 2008 x32/x64 Service Pack 2\n\n - Microsoft Windows 7 x32/x64 Service Pack 1\n\n - Microsoft Windows Server 2008 R2 x64 Service Pack 1\n\n - Microsoft Windows 8.1 x32/x64\n\n - Microsoft Windows Server 2012/2012R2\n\n - Microsoft Windows 10 x32/x64\n\n - Microsoft Windows 10 Version 1511 x32/x64\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/kb/3171481\");\n script_xref(name:\"URL\", value:\"https://technet.microsoft.com/en-us/library/security/MS16-090\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n script_xref(name:\"URL\", value:\"https://technet.microsoft.com/library/security/MS16-090\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(winVista:3, winVistax64:3, win7:2, win7x64:2, win2008:3, win2008x64:3,\n win2008r2:2, win2012:1, win2012R2:1, win8_1:1, win8_1x64:1, win10:1,\n win10x64:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_systemroot();\nif(!sysPath ){\n exit(0);\n}\n\nsysVer = fetch_file_version(sysPath:sysPath, file_name:\"System32\\Win32k.sys\");\nif(!sysVer){\n exit(0);\n}\n\nif(hotfix_check_sp(win8_1:1, win8_1x64:1, win2012R2:1) > 0)\n{\n if(version_is_less(version:sysVer, test_version:\"6.3.9600.18377\"))\n {\n Vulnerable_range = \"Less than 6.3.9600.18377\";\n VULN = TRUE ;\n }\n}\n\nelse if(hotfix_check_sp(win7:2, win7x64:2, win2008r2:2) > 0)\n{\n if(version_is_less(version:sysVer, test_version:\"6.1.7601.23471\"))\n {\n Vulnerable_range = \"Less than 6.1.7601.23471\";\n VULN = TRUE ;\n }\n}\n\nelse if(hotfix_check_sp(win2012:1) > 0)\n{\n if(version_is_less(version:sysVer, test_version:\"6.2.9200.21896\"))\n {\n Vulnerable_range = \"Less than 6.2.9200.21896\";\n VULN = TRUE ;\n }\n}\n\nelse if(hotfix_check_sp(winVista:3, winVistax64:3, win2008:3, win2008x64:3) > 0)\n{\n if(version_is_less(version:sysVer, test_version:\"6.0.6002.19664\"))\n {\n Vulnerable_range = \"Less than 6.0.6002.19664\";\n VULN = TRUE ;\n }\n else if(version_in_range(version:sysVer, test_version:\"6.0.6002.23000\", test_version2:\"6.0.6002.23978\"))\n {\n Vulnerable_range = \"6.0.6002.23000 - 6.0.6002.23978\";\n VULN = TRUE ;\n }\n}\n\nelse if(hotfix_check_sp(win10:1, win10x64:1) > 0)\n{\n if(version_is_less(version:sysVer, test_version:\"10.0.10240.16384\"))\n {\n Vulnerable_range = \"Less than 10.0.10240.16384\";\n VULN = TRUE ;\n }\n else if(version_in_range(version:sysVer, test_version:\"10.0.10586.0\", test_version2:\"10.0.10586.19\"))\n {\n Vulnerable_range = \"10.0.10586.0 - 10.0.10586.19\";\n VULN = TRUE ;\n }\n}\n\nif(VULN)\n{\n report = 'File checked: ' + sysPath + \"\\System32\\Win32k.sys\" + '\\n' +\n 'File version: ' + sysVer + '\\n' +\n 'Vulnerable range: ' + Vulnerable_range + '\\n' ;\n security_message(data:report);\n exit(0);\n}\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "kaspersky": [{"lastseen": "2021-08-18T11:20:46", "description": "### *Detect date*:\n07/12/2016\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, gain privileges or obtain sensitive information.\n\n### *Affected products*:\nMicrosoft Windows 10 Version 1511 \nMicrosoft Windows Vista Service Pack 2 \nMicrosoft Windows Server 2008 Service Pack 2 \nMicrosoft Windows 7 Service Pack 1 \nMicorosft Windows 2008 R2 Service Pack 1 \nMicrosoft Windows 8.1 \nMicrosoft Windows 2012 \nMicrosoft Windows 2012 R2 \nMicrosoft Windows RT \nMicrosoft Windows 10\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2016-3238](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2016-3238>) \n[CVE-2016-3239](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2016-3239>) \n[CVE-2016-3249](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2016-3249>) \n[CVE-2016-3287](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2016-3287>) \n[CVE-2016-3258](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2016-3258>) \n[CVE-2016-3256](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2016-3256>) \n[CVE-2016-3254](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2016-3254>) \n[CVE-2016-3286](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2016-3286>) \n[CVE-2016-3252](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2016-3252>) \n[CVE-2016-3250](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2016-3250>) \n[CVE-2016-3251](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2016-3251>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Windows Vista](<https://threats.kaspersky.com/en/product/Microsoft-Windows-Vista-4/>)\n\n### *CVE-IDS*:\n[CVE-2016-3238](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3238>)9.3Critical \n[CVE-2016-3239](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3239>)7.2High \n[CVE-2016-3249](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3249>)7.2High \n[CVE-2016-3287](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3287>)2.1Warning \n[CVE-2016-3258](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3258>)1.2Warning \n[CVE-2016-3256](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3256>)2.1Warning \n[CVE-2016-3254](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3254>)7.2High \n[CVE-2016-3286](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3286>)7.2High \n[CVE-2016-3252](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3252>)7.2High \n[CVE-2016-3250](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3250>)7.2High \n[CVE-2016-3251](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3251>)2.1Warning\n\n### *Microsoft official advisories*:\n\n\n### *KB list*:\n[3172985](<http://support.microsoft.com/kb/3172985>) \n[3170377](<http://support.microsoft.com/kb/3170377>) \n[3163912](<http://support.microsoft.com/kb/3163912>) \n[3170455](<http://support.microsoft.com/kb/3170455>) \n[3168965](<http://support.microsoft.com/kb/3168965>) \n[3172727](<http://support.microsoft.com/kb/3172727>) \n[4038782](<http://support.microsoft.com/kb/4038782>) \n[4038786](<http://support.microsoft.com/kb/4038786>) \n[4038783](<http://support.microsoft.com/kb/4038783>) \n[4038792](<http://support.microsoft.com/kb/4038792>) \n[4038799](<http://support.microsoft.com/kb/4038799>) \n[4038793](<http://support.microsoft.com/kb/4038793>) \n[4038781](<http://support.microsoft.com/kb/4038781>)", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-07-12T00:00:00", "type": "kaspersky", "title": "KLA10840 Multiple vulnerabilities in Microsoft Windows", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-3238", "CVE-2016-3239", "CVE-2016-3249", "CVE-2016-3250", "CVE-2016-3251", "CVE-2016-3252", "CVE-2016-3254", "CVE-2016-3256", "CVE-2016-3258", "CVE-2016-3286", "CVE-2016-3287"], "modified": "2020-07-22T00:00:00", "id": "KLA10840", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10840/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-18T11:01:25", "description": "### *Detect date*:\n07/12/2016\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Products (Extended Support Update). Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, spoof user interface, obtain sensitive information, bypass security restrictions.\n\n### *Affected products*:\nWindows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) \nWindows 10 for 32-bit Systems \nVBScript 5.7 \nWindows Vista x64 Edition Service Pack 2 \nInternet Explorer 9 \nWindows 10 for x64-based Systems \nWindows Server 2012 (Server Core installation) \nWindows Server 2016 (Server Core installation) \nWindows 7 for x64-based Systems Service Pack 1 \nWindows 8.1 for 32-bit systems \nWindows Server 2008 for 32-bit Systems Service Pack 2 \nWindows 8.1 for x64-based systems \nWindows Server 2012 \nWindows Vista Service Pack 2 \nInternet Explorer 11 \nWindows Server 2008 for x64-based Systems Service Pack 2 \nWindows Server 2016 \nWindows RT 8.1 \nWindows Server 2008 for Itanium-Based Systems Service Pack 2 \nWindows Server 2012 R2 (Server Core installation) \nWindows Server 2008 R2 for Itanium-Based Systems Service Pack 1 \nWindows 10 Version 1511 for 32-bit Systems \nJScript 5.8 \nMicrosoft Edge (EdgeHTML-based) \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) \nWindows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) \nWindows 10 Version 1511 for x64-based Systems \nVBScript 5.8 \nWindows 10 Version 1607 for 32-bit Systems \nWindows 10 Version 1607 for x64-based Systems \nWindows 7 for 32-bit Systems Service Pack 1 \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 \nInternet Explorer 10 \nWindows Server 2012 R2\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2016-3238](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-3238>) \n[CVE-2016-3239](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-3239>) \n[CVE-2016-3248](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-3248>) \n[CVE-2016-3252](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-3252>) \n[CVE-2016-3259](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-3259>) \n[CVE-2016-3286](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-3286>) \n[CVE-2016-3274](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-3274>) \n[CVE-2016-3264](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-3264>) \n[CVE-2016-3249](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-3249>) \n[CVE-2016-3204](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-3204>) \n[CVE-2016-3273](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-3273>) \n[CVE-2016-3245](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-3245>) \n[CVE-2016-3254](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-3254>) \n[CVE-2016-3251](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-3251>) \n[CVE-2016-3241](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-3241>) \n[CVE-2016-3240](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-3240>) \n[CVE-2016-3242](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-3242>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Internet Explorer](<https://threats.kaspersky.com/en/product/Microsoft-Internet-Explorer/>)\n\n### *CVE-IDS*:\n[CVE-2016-3204](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3204>)9.3Critical \n[CVE-2016-3248](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3248>)9.3Critical \n[CVE-2016-3259](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3259>)9.3Critical \n[CVE-2016-3264](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3264>)7.6Critical \n[CVE-2016-3273](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3273>)2.6Warning \n[CVE-2016-3274](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3274>)2.6Warning \n[CVE-2016-3240](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3240>)7.6Critical \n[CVE-2016-3241](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3241>)7.6Critical \n[CVE-2016-3242](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3242>)7.6Critical \n[CVE-2016-3245](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3245>)4.3Warning \n[CVE-2016-3238](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3238>)9.3Critical \n[CVE-2016-3239](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3239>)7.2High \n[CVE-2016-3249](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3249>)7.2High \n[CVE-2016-3254](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3254>)7.2High \n[CVE-2016-3286](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3286>)7.2High \n[CVE-2016-3252](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3252>)7.2High \n[CVE-2016-3251](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3251>)2.1Warning\n\n### *KB list*:\n[3170455](<http://support.microsoft.com/kb/3170455>) \n[3168965](<http://support.microsoft.com/kb/3168965>) \n[4038779](<http://support.microsoft.com/kb/4038779>) \n[4038777](<http://support.microsoft.com/kb/4038777>) \n[3170106](<http://support.microsoft.com/kb/3170106>)\n\n### *Microsoft official advisories*:", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-07-12T00:00:00", "type": "kaspersky", "title": "KLA11909 Multiple vulnerabilities in Microsoft Products (ESU)", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-3204", "CVE-2016-3238", "CVE-2016-3239", "CVE-2016-3240", "CVE-2016-3241", "CVE-2016-3242", "CVE-2016-3245", "CVE-2016-3248", "CVE-2016-3249", "CVE-2016-3251", "CVE-2016-3252", "CVE-2016-3254", "CVE-2016-3259", "CVE-2016-3264", "CVE-2016-3273", "CVE-2016-3274", "CVE-2016-3286"], "modified": "2020-07-21T00:00:00", "id": "KLA11909", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11909/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}]}