MS16-120: Security Update for Microsoft Graphics Component (3192884) (macOS)
Medium Nessus Plugin ID 94010
SynopsisA multimedia application framework installed on the remote macOS or Mac OS X host is affected by an information disclosure vulnerability.
DescriptionThe version of Microsoft Silverlight installed on the remote macOS or Mac OS X host is affected by an information disclosure vulnerability in the Graphics Device Interface (GDI) component due to improper handling of objects in memory. A local attacker can exploit this vulnerability, via a specially crafted application, to predict memory offsets in a call stack and bypass the Address Space Layout Randomization (ASLR) feature, resulting in the disclosure of memory contents.
SolutionMicrosoft has released a set of patches for Silverlight 5.