Microsoft Patch Tuesday — March 2019: Vulnerability disclosures and Snort coverage

Microsoft released its monthly security update today, disclosing a variety of vulnerabilities in several of its products. The latest Patch Tuesday covers 64 vulnerabilities, 17 of which are rated “critical,” 45 that are considered “important” and one “moderate” and “low” vulnerability each. This...

CVE-2016-3375

The OLE Automation mechanism and VBScript scripting engine in Microsoft Internet Explorer 9 through 11, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allow remote attackers to...

MS16-003: Description of the security update for JScript 5.8 and VBScript 5.8: January 12, 2016

Resolves a vulnerability in the VBScript scripting engine in Windows that could allow remote code execution if a user visits a specially crafted website. An attacker who successfully exploits this vulnerability could gain the same user rights as the current user and then install programs, create...

MS14-011: Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (2928390)

The installed version of the VBScript Scripting Engine has a memory corruption vulnerability due to improper handling of objects in memory. If an attacker can trick a user on the system into viewing or opening malicious content, this issue could be leveraged to execute arbitrary code on the...

MS10-022: Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (981169)

The installed version of the VBScript Scripting Engine allows an attacker to specify a Help file location when displaying a dialog box on a web page. If a user can be tricked into pressing the F1 key while such a dialog box is being displayed, an attacker can leverage this to cause the Windows He...