Microsoft Security Bulletin Coverage (July 12, 2016)
Dell SonicWALL has analyzed and addressed Microsoft’s security advisories for the month of July 12, 2016. A list of issues reported, along with Dell SonicWALL coverage information are as follows:
MS16-084 Cumulative Security Update for Internet Explorer
- CVE-2016-3204 Scripting Engine Memory Corruption Vulnerability
There are no known exploits in the wild. - CVE-2016-3240 Internet Explorer Memory Corruption Vulnerability
IPS:11711 ” Internet Explorer Memory Corruption Vulnerability (MS16-084) 1 “ - CVE-2016-3241 Internet Explorer Memory Corruption Vulnerability
IPS:11712 ” Internet Explorer Memory Corruption Vulnerability (MS16-084) 2 “ - CVE-2016-3242 Microsoft Browser Memory Corruption Vulnerability
IPS:11713 ” Internet Explorer Memory Corruption Vulnerability (MS16-084) 3″ - CVE-2016-3243 Internet Explorer Memory Corruption Vulnerability
There are no known exploits in the wild. - CVE-2016-3245 Internet Explorer Security Feature Bypass Vulnerability
There are no known exploits in the wild. - CVE-2016-3248 Scripting Engine Memory Corruption Vulnerability
There are no known exploits in the wild. - CVE-2016-3259 Scripting Engine Memory Corruption Vulnerability
IPS:11716 ” Scripting Engine Memory Corruption Vulnerability (MS16-084) 1 “ - CVE-2016-3260 Scripting Engine Memory Corruption Vulnerability
There are no known exploits in the wild. - CVE-2016-3261 Internet Explorer Information Disclosure Vulnerability
IPS:11717 ” Internet Explorer Information Disclosure Vulnerability (MS16-084) 1 “ - CVE-2016-3273 Microsoft Browser XSS Vulnerability
There are no known exploits in the wild. - CVE-2016-3274 Microsoft Browser Spoofing Vulnerability
IPS:11718 ” Microsoft Browser Spoofing Vulnerability (MS16-084) 1″ - CVE-2016-3276 Microsoft Browser Spoofing Vulnerability
IPS:11719 ” Microsoft Browser Spoofing Vulnerability (MS16-084) 2″ - CVE-2016-3277 Microsoft Browser Information Disclosure Vulnerability
IPS:11724 ” Internet Explorer Memory Corruption Vulnerability (MS16-085) 9 “
MS16-085 Cumulative Security Update for Microsoft Edge
- CVE-2016-3244 Microsoft Edge Security Feature Bypass
IPS: 11721 “Internet Explorer Memory Corruption Vulnerability (MS16-085) 6 “ - CVE-2016-3246 Microsoft Edge Memory Corruption Vulnerability
IPS:11722 ” Internet Explorer Memory Corruption Vulnerability (MS16-085) 7 “ - CVE-2016-3248 Scripting Engine Memory Corruption Vulnerability
There are no known exploits in the wild. - CVE-2016-3259 Scripting Engine Memory Corruption Vulnerability
IPS:11716 ” Scripting Engine Memory Corruption Vulnerability (MS16-084) 1 “ - CVE-2016-3260 Scripting Engine Memory Corruption Vulnerability
There are no known exploits in the wild. - CVE-2016-3265 Scripting Engine Memory Corruption Vulnerability
There are no known exploits in the wild. - CVE-2016-3269 Scripting Engine Memory Corruption Vulnerability
There are no known exploits in the wild. - CVE-2016-3271 Scripting Engine Information Disclosure Vulnerability
IPS:11723 ” Internet Explorer Memory Corruption Vulnerability (MS16-085) 8 “ - CVE-2016-3273 Microsoft Browser XSS Vulnerability
There are no known exploits in the wild. - CVE-2016-3274 Microsoft Browser Spoofing Vulnerability
IPS:11718 ” Microsoft Browser Spoofing Vulnerability (MS16-084) 1″ - CVE-2016-3276 Microsoft Browser Spoofing Vulnerability
IPS:11719 ” Microsoft Browser Spoofing Vulnerability (MS16-084) 2″ - CVE-2016-3277 Microsoft Browser Information Disclosure Vulnerability
IPS:11724 ” Internet Explorer Memory Corruption Vulnerability (MS16-085) 9 “
MS16-086 Cumulative Security Update for JScript and VBScript
-
CVE-2016-3204 Scripting Engine Memory Corruption Vulnerability
There are no known exploits in the wild.
MS16-087 Security Update for Windows Print Spooler Components
- CVE-2016-3238 Microsoft Print Spooler Remote Code Execution Vulnerability
This is a local Vulnerability. - CVE-2016-3239 Windows Print Spooler Elevation of Privilege
This is a local Vulnerability.
MS16-088 Security Update for Microsoft Office
- CVE-2016-3278 Microsoft Office Memory Corruption Vulnerability
There are no known exploits in the wild. - CVE-2016-3279 Microsoft Office Remote Code Execution Vulnerability
IPS: 11725 “Internet Explorer Memory Corruption Vulnerability (MS16-088) 10 “ - CVE-2016-3280 Microsoft Office Memory Corruption Vulnerability
IPS: 11726 “Internet Explorer Memory Corruption Vulnerability (MS16-088) 11” - CVE-2016-3281 Microsoft Office Memory Corruption Vulnerability
SPY: 1100 “Malformed-File doc.MP.38” - CVE-2016-3282 Microsoft Office Memory Corruption Vulnerability
SPY: 1101 “Malformed-File doc.MP.39” - CVE-2016-3283 Microsoft Office Memory Corruption Vulnerability
SPY: 1102 “Malformed-File doc.MP.40” - CVE-2016-3284 Microsoft Office Memory Corruption Vulnerability
There are no known exploits in the wild.
MS16-089 Security Update for Windows Secure Kernel Mode
- CVE-2016-3256 Windows Secure Kernel Information Disclosure Vulnerability
There are no known exploits in the wild.
MS16-090 Security Update for Windows Kernel-Mode Drivers
- CVE-2016-3249 Win32k Elevation of Privilege Vulnerability
This is a local Vulnerability. - CVE-2016-3250 Win32k Elevation of Privilege Vulnerability
This is a local Vulnerability. - CVE-2016-3251 GDI Component Information Disclosure Vulnerability
This is a local Vulnerability. - CVE-2016-3252 Win32k Elevation of Privilege Vulnerability
This is a local Vulnerability. - CVE-2016-3254 Win32k Elevation of Privilege Vulnerability
This is a local Vulnerability. - CVE-2016-3286 Win32k Elevation of Privilege Vulnerability
This is a local Vulnerability.
MS16-091 Security Update for .NET Framework
- CVE-2016-3255 .NET Information Disclosure Vulnerability
There are no known exploits in the wild.
MS16-092 Security Update for Windows Kernel
- CVE-2016-3258 Windows File System Security Feature Bypass Vulnerability
There are no known exploits in the wild. - CVE-2016-3272 Windows Kernel Information Disclosure Vulnerability
There are no known exploits in the wild.
MS16-094 Security Update for Secure Boot
- CVE-2016-3287 Secure Boot Security Feature Bypass Vulnerability
There are no known exploits in the wild.
The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.
