MS16-110: Security Update for Microsoft Windows (3178467)
High Nessus Plugin ID 93469
SynopsisThe remote Windows host is affected by multiple vulnerabilities.
DescriptionThe remote Windows host is missing a security update. It is, therefore, affected by multiple vulnerabilities :
- An elevation of privilege vulnerability exists due to a failure to properly enforce permissions when loading specially crafted DLLs. A local attacker can exploit this vulnerability to execute arbitrary code with administrator privileges. (CVE-2016-3346)
- An information disclosure vulnerability exists due to a failure to properly validate NT LAN Manager (NTLM) Single Sign-On (SSO) requests during Microsoft Account (MSA) login sessions. An unauthenticated, remote attacker can exploit this vulnerability, by convincing a user to load a malicious document that initiates an NTLM SSO validation request or to visit a malicious website or SMB / UNC path destination, to disclose a user's NTLM password hash. (CVE-2016-3352)
- A remote code execution vulnerability exists due to improper handling of objects in memory. A remote attacker with a domain user account can exploit this vulnerability, via a specially crafted request, to execute arbitrary code with elevated permissions.
- A denial of service vulnerability exists due to improper handling of objects in memory. An unauthenticated, remote attacker can exploit this to cause the system to stop responding. (CVE-2016-3369)
SolutionMicrosoft has released a set of patches for Windows Vista, 2008, 7, 2008 R2, 2012, 8.1, RT 8.1, 2012 R2, and 10.