[Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'
Notification of New Vulnerabilties to Windows Systems Fixlet Messages
winvulns-announcements at bigmail.bigfix.com
Fri May 27 05:21:09 PDT 2016
Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 488 Published: Thu, 26 May 2016 17:58:28 GMT
New Fixlets:
============
***************************************************************
Title: Win32k Elevation of Privilege Vulnerability - CVE-2016-0173 (MS16-062)
Severity: High
Fixlet ID: 76001
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A760
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0173
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0171, CVE-2016-0174, and CVE-2016-0196.
***************************************************************
Title: Win32k Elevation of Privilege Vulnerability - CVE-2016-0174 (MS16-062)
Severity: High
Fixlet ID: 76102
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A761
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0174
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0171, CVE-2016-0173, and CVE-2016-0196.
***************************************************************
Title: Win32k Information Disclosure Vulnerability - CVE-2016-0175 (MS16-062)
Severity: Low
Fixlet ID: 76202
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A762
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0175
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to obtain sensitive information about kernel-object addresses, and consequently bypass the KASLR protection mechanism, via a crafted application, aka "Win32k Information Disclosure Vulnerability."
***************************************************************
Title: Win32k Elevation of Privilege Vulnerability - CVE-2016-0171 (MS16-062)
Severity: High
Fixlet ID: 76302
Fixlet Link: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.cisecurity%3Adef%3A763
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0171
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0173, CVE-2016-0174, and CVE-2016-0196.
More information about the WinVulns-Announcements
mailing list