19 matches found
EUVD-2018-1672
Malware in sbrugna...
November 8, 2016 — KB3198585 (OS Build 10240.17190)
November 8, 2016 — KB3198585 OS Build 10240.17190 This update includes quality improvements and security updates. No new operating system features are being introduced in this update. Key changes include: Addressed issue to update the Access Point Name APN database. Addressed issue with deadlocks...
Privilege escalation
The Microsoft Video Control in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege due to how objects are handled...
KB4088786: Windows 10 March 2018 Security Update
The remote Windows host is missing security update 4088786. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists when Windows Remote Assistance incorrectly processes XML External Entities XXE. An attacker who successfully exploited the...
KB4088782: Windows 10 Version 1703 March 2018 Security Update
The remote Windows host is missing security update 4088782. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists in Windows when Desktop Bridge does not properly manage the virtual registry. An attacker who successfully exploited this...
KLA11778 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, cause denial of service, gain privileges. Below is a complete list of vulnerabilities: 1. An information...
KB4088879: Windows 8.1 and Windows Server 2012 R2 March 2018 Security Update (Meltdown)(Spectre)
The remote Windows host is missing security update 4088879 or cumulative update 4088876. It is, therefore, affected by multiple vulnerabilities : - An vulnerability exists within microprocessors utilizing speculative execution and indirect branch prediction, which may allow an attacker with local...
Description of the security update for the Microsoft Video Control elevation of privilege vulnerability in WES09 and POSReady 2009: March 13, 2018
Description of the security update for the Microsoft Video Control elevation of privilege vulnerability in WES09 and POSReady 2009: March 13, 2018 Summary An elevation of privilege vulnerability exists in Windows when the Microsoft Video Control mishandles objects in memory. An attacker who...
CVE-2016-7248
Microsoft Video Control in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8.1, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to execute arbitrary code via a crafted file, aka "Microsoft Video Control Remote Code Execution Vulnerability."...
Remote code execution
Microsoft Video Control in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8.1, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to execute arbitrary code via a crafted file, aka "Microsoft Video Control Remote Code Execution Vulnerability."...
CVE-2016-7248
CVE-2016-7248 affects Microsoft Windows Video Control in Windows Vista SP2, Windows 7 SP1, Windows 8.1, Windows RT 8.1, and Windows 10 (versions 1507–1607). The vulnerability allows remote attackers to execute arbitrary code by rendering a crafted file; the issue stems from the Microsoft Video Co...
Cumulative update for Windows 10: November 8, 2016
Cumulative update for Windows 10: November 8, 2016 Summary This security update includes improvements and fixes in the functionality of Windows 10. It also resolves the following vulnerabilities in Windows: 3198467 MS16-142: Cumulative security update for Internet Explorer: November 8, 2016 31934...
November 2016 Security Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1
November 2016 Security Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1 Summary This security updates includes improvements and fixes from update 3192403. To learn more about the non-security improvements and fixes in this update, see the October 18, 2016 — KB3192403 Previe...
MS16-131: Security update for Microsoft Video Control: November 8, 2016
Resolves a vulnerability in Windows that could allow remote code execution when Microsoft Video Control fails to properly handle objects in memory.SummaryThis security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if Microsoft Video...
MS16-122: Security Update for Microsoft Video Control (3195360)
The remote Windows host is missing a security update. It is, therefore, affected by a remote code execution vulnerability in Microsoft Video Control due to improper handling of objects in memory. An unauthenticated, remote attacker can exploit this vulnerability by convincing a user to visit a...
Cumulative update for Windows 10 Version 1511: October 11, 2016
Cumulative update for Windows 10 Version 1511: October 11, 2016 Summary This security update includes improvements and fixes in the functionality of Windows 10 Version 1511. It also resolves the following vulnerabilities in Windows: 3193229 MS16-125: Security update for diagnostics hub: October 1...
Cumulative update for Windows 10 Version 1607 and Windows Server 2016: October 11, 2016
Cumulative update for Windows 10 Version 1607 and Windows Server 2016: October 11, 2016 Summary This security update includes improvements and fixes in the functionality of Windows 10 Version 1607 and Windows Server 2016. It also resolves the following vulnerabilities in Windows: 3193229 MS16-125...
Microsoft Video Control Remote Code Execution Vulnerability
A remote code execution vulnerability exists when Microsoft Video Control fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user...
KLA11906 Multiple vulnerabilities for Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in...