MS16-057: Security Update for Windows Shell (3156987)
High Nessus Plugin ID 91007
SynopsisThe remote host is affected by a remote code execution vulnerability.
DescriptionThe remote Windows host is missing a security update. It is, therefore, affected by a remote code execution vulnerability in Windows Shell due to improper handling of objects in memory. An unauthenticated, remote attacker can exploit this vulnerability by convincing a user to visit a crafted website, resulting in the execution of arbitrary code in the context of the current user.
SolutionMicrosoft has released a set of patches for Windows 8.1, RT 8.1, 2012 R2, and 10.