MS16-106: Security Update for Microsoft Graphics Component (3185848)

This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.


Synopsis :

The remote Windows host is affected by multiple vulnerabilities.

Description :

The remote Windows host is missing a security update. It is,
therefore, affected by multiple vulnerabilities :

- Multiple elevation of privilege vulnerabilities exist in
Windows kernel-mode drivers due to improper handling of
objects in memory. An authenticated, remote attacker can
exploit these, via a specially crafted application, to
run arbitrary code in kernel mode. (CVE-2016-3348,
CVE-2016-3349)

- An information disclosure vulnerability exists in the
Graphics Device Interface (GDI) due to improper handling
of objects in memory. An authenticated, remote attacker
can exploit this, via a specially crafted application,
to circumvent the Address Space Layout Randomization
(ASLR) feature and disclose sensitive memory
information. (CVE-2016-3354)

- An elevation of privilege vulnerability exists in the
Graphics Device Interface (GDI) due to improper handling
of objects in memory. An authenticated, remote attacker
can exploit this to run arbitrary code in kernel mode.
(CVE-2016-3355)

- An unspecified flaw exists in the Graphics Device
Interface (GDI) due to improper handling of objects in
memory. An unauthenticated, remote attacker can exploit
this, by convincing a user to visit a specially crafted
website or open a malicious document, to execute
arbitrary code in the context of the current user.
(CVE-2016-3356

See also :

https://technet.microsoft.com/en-us/library/security/MS16-106

Solution :

Microsoft has released a set of patches for Windows Vista, 2008, 7,
2008 R2, 2012, 8.1, RT 8.1, 2012 R2, and 10.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.9
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows : Microsoft Bulletins

Nessus Plugin ID: 93466 ()

Bugtraq ID: 92782
92783
92784
92787
92792

CVE ID: CVE-2016-3348
CVE-2016-3349
CVE-2016-3354
CVE-2016-3355
CVE-2016-3356

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now