MS16-068: Cumulative Security Update for Microsoft Edge (3163656)

This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.


Synopsis :

The remote host has a web browser installed that is affected by
multiple vulnerabilities.

Description :

The version of Microsoft Edge installed on the remote Windows host is
missing Cumulative Security Update 3163656. It is, therefore, affected
by multiple vulnerabilities :

- A security feature bypass vulnerability exists due to a
failure to properly validate specially crafted
documents. An unauthenticated, remote attacker can
exploit this vulnerability by convincing a user to load
a page or visit a website containing malicious content,
allowing the attacker to bypass the Edge Content
Security Policy (CSP). (CVE-2016-3198)

- Multiple remote code execution vulnerabilities exist in
the Chakra JavaScript engine due to improper handling of
objects in memory. An unauthenticated, remote attacker
can exploit these vulnerabilities by convincing a user
to visit a specially crafted website or open a specially
crafted Microsoft Office document that hosts the Edge
rendering engine, resulting in the execution of
arbitrary code in the context of the current user.
(CVE-2016-3199, CVE-2016-3202, CVE-2016-3214,
CVE-2016-3222)

- Multiple information disclosure vulnerabilities exist
due to improper parsing of .pdf files. An
unauthenticated, remote attacker can exploit these
vulnerabilities by convincing a user to open a specially
crafted .pdf file, resulting in the disclosure of
sensitive information in the context of the current
user. (CVE-2016-3201, CVE-2016-3215)

- A remote code execution vulnerability exists due to
improper parsing of .pdf files. An unauthenticated,
remote attacker can exploit this vulnerability by
convincing a user to open a specially crafted .pdf file,
resulting in the execution of arbitrary code in the
context of the current user. (CVE-2016-3203)

Note that CVE-2016-3214, CVE-2016-3215, and CVE-2016-3222 only affect
Windows 10 version 1511.

See also :

https://technet.microsoft.com/library/security/MS16-068

Solution :

Microsoft has released a set of patches for Windows 10.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.3
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now