Posts

Microsoft Security Bulletin Coverage (Jan 12, 2016)

Dell SonicWALL has analyzed and addressed Microsoft’s security advisories for the month of January, 12, 2016. A list of issues reported, along with Dell SonicWALL coverage information are as follows:

MS16-001 Cumulative Security Update for Internet Explorer

  • CVE-2016-0002 Scripting Engine Memory Corruption Vulnerability
    IPS: 11383 “Scripting Engine Memory Corruption Vulnerability (MS16-001) 1”
  • CVE-2016-0005 Internet Explorer Elevation of Privilege Vulnerability
    IPS: 11384 “Internet Explorer Elevation of Privilege Vulnerability (MS16-001) 2 “

MS16-002 Cumulative Security Update for Microsoft Edge

  • CVE-2016-0003 Microsoft Edge Memory Corruption Vulnerability
    IPS: 11385 “Microsoft Edge Memory Corruption Vulnerability (MS16-002) 3 “
  • CVE-2016-0024 Scripting Engine Memory Corruption Vulnerability
    IPS: 11386 “Scripting Engine Memory Corruption Vulnerability (MS16-002) 4 “

MS16-003 Cumulative Security Update for Jscript and VBScript to Address Remote Code Execution

  • CVE-2016-0002 Scripting Engine Memory Corruption Vulnerability
    IPS: 11383 “Scripting Engine Memory Corruption Vulnerability (MS16-001) 1”

MS16-004 Security Updates for Microsoft Office to Address Remote Code Execution

  • CVE-2015-6117 Microsoft SharePoint Security Feature Bypass
    There are no known exploits in the wild.
  • CVE-2016-0010 Microsoft Office Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-0012 ASLR bypass vulnerability
    IPS: 11387 “ASLR bypass vulnerability (MS16-004) 5”
  • CVE-2016-0035 Microsoft Office Memory Corruption Vulnerability
    There are no known exploits in the wild.

MS16-005 Security Update for Windows Kernel-Mode Drivers to Address Remote Code Execution

  • CVE-2016-0008 Windows GDI32.dll ASLR Bypass Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-0009 Win32k Remote Code Execution Vulnerability
    There are no known exploits in the wild.

MS16-006 Security Update for Silverlight to Address Remote Code Execution

  • CVE-2016-0034 Silverlight Runtime Remote Code Execution Vulnerability
    IPS: 11388 “Silverlight Runtime Remote Code Execution Vulnerability (MS16-006) 5”

MS16-007 Security Update for Microsoft Windows to Address Remote Code Execution

  • CVE-2016-0014 DLL Loading Elevation of Privilege Vulnerability
    This is a local Vulnerability
  • CVE-2016-0015 DirectShow Heap Corruption Remote Code Execution Vulnerability
    IPS: 11389 “DirectShow Heap Corruption Remote Code Execution Vulnerability (MS16-007) 6”
  • CVE-2016-0016 DLL Loading Remote Code Execution Vulnerability
    IPS: 11390 “DLL Loading Remote Code Execution Vulnerability (MS16-007) 7”
  • CVE-2016-0018 DLL Loading Remote Code Execution Vulnerability
    IPS: 11391 “DLL Loading Remote Code Execution Vulnerability (MS16-007) 8”
  • CVE-2016-0019 Windows Remote Desktop Protocol Security Bypass Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-0020 MAPI DLL Loading Elevation of Privilege Vulnerability
    This is a local Vulnerability

MS16-008 Security Update for Windows Kernel to Address Elevation of Privilege

  • CVE-2016-0006 Windows Mount Point Elevation of Privilege Vulnerability
    IPS: 11392 ” Windows Mount Point Elevation of Privilege Vulnerability(MS16-008) 9″
  • CVE-2016-0007 Windows Mount Point Elevation of Privilege Vulnerability
    IPS: 11393 ” Windows Mount Point Elevation of Privilege Vulnerability(MS16-008) 10″

MS16-010 Security Update in Microsoft Exchange Server to Address Spoofing

  • CVE-2016-0029 Exchange Spoofing Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-0030 Exchange Spoofing Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-0031 Exchange Spoofing Vulnerability
    There are no known exploits
    in the wild.
  • CVE-2016-0032 Exchange Spoofing Vulnerability
    There are no known exploits in the wild.