SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   OS (Microsoft)  >   Windows DLL (Any) Vendors:   Microsoft
Microsoft Windows Multiple Bugs Let Remote Users Execute Arbitrary Code and Local Users Deny Service, Obtain Information, and Gain Elevated Privileges
SecurityTracker Alert ID:  1036798
SecurityTracker URL:  http://securitytracker.com/id/1036798
CVE Reference:   CVE-2016-3346, CVE-2016-3352, CVE-2016-3368, CVE-2016-3369   (Links to External Site)
Date:  Sep 14 2016
Impact:   Denial of service via local system, Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, User access via local system, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): Vista SP2, 2008 SP2, 7 SP1, 2008 R2 SP1, 8.1, 2012, 2012 R2, RT 8.1, 10, 10 Version 1511, 10 Version 1607; and prior service packs
Description:   Several vulnerabilities were reported in Microsoft Windows. A local user can cause denial of service conditions on the target system. A local user can obtain elevated privileges on the target system. A remote authenticated user can execute arbitrary code on the target system. A remote user can obtain potentially sensitive information on the target system.

A local user can exploit a DLL-loading error to cause arbitrary code to be executed with system administrator privileges [CVE-2016-3346].

A remote user can create a specially crafted web site, SMB server, or UNC server that, when loaded by the target user, will exploit a flaw in the validation of NT LAN Manager (NTLM) Single Sign-On (SSO) requests during Microsoft Account (MSA) login sessions to conduct brute force guessing attacks against the target user's NTLM password hash [CVE-2016-3352].

A remote authenticated user within the domain can create a specially crafted request to trigger an object memory handling flaw and execute arbitrary code with elevated privileges on the target system [CVE-2016-3368].

Jonathan Brown of VMware Inc reported this vulnerability.

A local user exploit an object memory handling flaw to cause the target system to stop responding [CVE-2016-3369].

Impact:   A local user can cause denial of service conditions on the target system.

A local user can obtain elevated privileges on the target system.

A remote authenticated user can execute arbitrary code on the target system.

A remote user can obtain potentially sensitive information on the target system.

Solution:   The vendor has issued a fix.

Windows Vista Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=3ba0b226-846b-4a94-aafa-56a646c3cbaf

Windows Vista x64 Edition Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=5a926057-53bc-4072-8def-e1214f7d589e

Windows Server 2008 for 32-bit Systems Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=990a3086-3053-4b57-bb9f-19c8889835e0

Windows Server 2008 for x64-based Systems Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=294d80ff-29fc-493d-8acd-604b7c892392

Windows 7 for 32-bit Systems Service Pack 1:

https://www.microsoft.com/downloads/details.aspx?familyid=ae34f0fd-c000-46ad-8f19-8fb72282f53d

Windows 7 for x64-based Systems Service Pack 1:

https://www.microsoft.com/downloads/details.aspx?familyid=ce70bc3e-d86f-41cf-a0b2-66c7043c21d7

Windows Server 2008 R2 for x64-based Systems Service Pack 1:

https://www.microsoft.com/downloads/details.aspx?familyid=7ad2a76e-ed1a-468b-a4bc-3e8b6db02a55

Windows 8.1 for 32-bit Systems:

https://www.microsoft.com/downloads/details.aspx?familyid=9914d083-b9d9-4480-a53a-3be6016f2652

Windows 8.1 for x64-based Systems:

https://www.microsoft.com/downloads/details.aspx?familyid=de0e92dc-3537-424c-818f-551dc285ef12

Windows 8.1 for 32-bit Systems:

https://www.microsoft.com/downloads/details.aspx?familyid=79924689-4726-41d8-9caf-3069c094b92e

Windows 8.1 for x64-based Systems:

https://www.microsoft.com/downloads/details.aspx?familyid=26f5d209-a973-414c-95a6-8af79ef0ac01

Windows Server 2012:

https://www.microsoft.com/downloads/details.aspx?familyid=1729bb34-e1ee-4750-9bf9-9b2d69059818

Windows Server 2012 R2:

https://www.microsoft.com/downloads/details.aspx?familyid=ffbf766f-58cf-4b45-a1f4-6b0552ee68b2

Windows Server 2008 for 32-bit Systems Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=990a3086-3053-4b57-bb9f-19c8889835e0

Windows Server 2008 for x64-based Systems Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=294d80ff-29fc-493d-8acd-604b7c892392

Windows Server 2008 R2 for x64-based Systems Service Pack 1:

https://www.microsoft.com/downloads/details.aspx?familyid=7ad2a76e-ed1a-468b-a4bc-3e8b6db02a55

Windows Server 2012:

https://www.microsoft.com/downloads/details.aspx?familyid=1729bb34-e1ee-4750-9bf9-9b2d69059818

Windows Server 2012 R2:

https://www.microsoft.com/downloads/details.aspx?familyid=ffbf766f-58cf-4b45-a1f4-6b0552ee68b2

Additional patch information is available in the vendor advisory.

The Microsoft advisory is available at:

https://technet.microsoft.com/library/security/ms16-110

Vendor URL:  technet.microsoft.com/library/security/ms16-110 (Links to External Site)
Cause:   Access control error

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC