Posts

Microsoft Security Bulletin Coverage (Jan 12, 2016)

/in /by

Dell SonicWALL has analyzed and addressed Microsoft’s security advisories for the month of January, 12, 2016. A list of issues reported, along with Dell SonicWALL coverage information are as follows:

MS16-001 Cumulative Security Update for Internet Explorer

  • CVE-2016-0002 Scripting Engine Memory Corruption Vulnerability
    IPS: 11383 “Scripting Engine Memory Corruption Vulnerability (MS16-001) 1”
  • CVE-2016-0005 Internet Explorer Elevation of Privilege Vulnerability
    IPS: 11384 “Internet Explorer Elevation of Privilege Vulnerability (MS16-001) 2 “

MS16-002 Cumulative Security Update for Microsoft Edge

  • CVE-2016-0003 Microsoft Edge Memory Corruption Vulnerability
    IPS: 11385 “Microsoft Edge Memory Corruption Vulnerability (MS16-002) 3 “
  • CVE-2016-0024 Scripting Engine Memory Corruption Vulnerability
    IPS: 11386 “Scripting Engine Memory Corruption Vulnerability (MS16-002) 4 “

MS16-003 Cumulative Security Update for Jscript and VBScript to Address Remote Code Execution

  • CVE-2016-0002 Scripting Engine Memory Corruption Vulnerability
    IPS: 11383 “Scripting Engine Memory Corruption Vulnerability (MS16-001) 1”

MS16-004 Security Updates for Microsoft Office to Address Remote Code Execution

  • CVE-2015-6117 Microsoft SharePoint Security Feature Bypass
    There are no known exploits in the wild.
  • CVE-2016-0010 Microsoft Office Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-0012 ASLR bypass vulnerability
    IPS: 11387 “ASLR bypass vulnerability (MS16-004) 5”
  • CVE-2016-0035 Microsoft Office Memory Corruption Vulnerability
    There are no known exploits in the wild.

MS16-005 Security Update for Windows Kernel-Mode Drivers to Address Remote Code Execution

  • CVE-2016-0008 Windows GDI32.dll ASLR Bypass Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-0009 Win32k Remote Code Execution Vulnerability
    There are no known exploits in the wild.

MS16-006 Security Update for Silverlight to Address Remote Code Execution

  • CVE-2016-0034 Silverlight Runtime Remote Code Execution Vulnerability
    IPS: 11388 “Silverlight Runtime Remote Code Execution Vulnerability (MS16-006) 5”

MS16-007 Security Update for Microsoft Windows to Address Remote Code Execution

  • CVE-2016-0014 DLL Loading Elevation of Privilege Vulnerability
    This is a local Vulnerability
  • CVE-2016-0015 DirectShow Heap Corruption Remote Code Execution Vulnerability
    IPS: 11389 “DirectShow Heap Corruption Remote Code Execution Vulnerability (MS16-007) 6”
  • CVE-2016-0016 DLL Loading Remote Code Execution Vulnerability
    IPS: 11390 “DLL Loading Remote Code Execution Vulnerability (MS16-007) 7”
  • CVE-2016-0018 DLL Loading Remote Code Execution Vulnerability
    IPS: 11391 “DLL Loading Remote Code Execution Vulnerability (MS16-007) 8”
  • CVE-2016-0019 Windows Remote Desktop Protocol Security Bypass Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-0020 MAPI DLL Loading Elevation of Privilege Vulnerability
    This is a local Vulnerability

MS16-008 Security Update for Windows Kernel to Address Elevation of Privilege

  • CVE-2016-0006 Windows Mount Point Elevation of Privilege Vulnerability
    IPS: 11392 ” Windows Mount Point Elevation of Privilege Vulnerability(MS16-008) 9″
  • CVE-2016-0007 Windows Mount Point Elevation of Privilege Vulnerability
    IPS: 11393 ” Windows Mount Point Elevation of Privilege Vulnerability(MS16-008) 10″

MS16-010 Security Update in Microsoft Exchange Server to Address Spoofing

  • CVE-2016-0029 Exchange Spoofing Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-0030 Exchange Spoofing Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-0031 Exchange Spoofing Vulnerability
    There are no known exploits
    in the wild.
  • CVE-2016-0032 Exchange Spoofing Vulnerability
    There are no known exploits in the wild.

Microsoft Security Bulletin Coverage (Mar 8, 2016)

/in /by

Dell SonicWALL has analyzed and addressed Microsoft’s security advisories for the month of Mar. 8, 2016. A list of issues reported, along with Dell SonicWALL coverage information are as follows:

MS16-023 Cumulative Security Update for Internet Explorer

  • CVE-2016-0102 Microsoft Browser Memory Corruption Vulnerability
    IPS:11490 ” Internet Explorer Memory Corruption Vulnerability (MS16-023) 1″
  • CVE-2016-0103 Internet Explorer Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-0104 Internet Explorer Memory Corruption Vulnerability
    IPS: 11491 “Internet Explorer Memory Corruption Vulnerability (MS16-023) 2 “
  • CVE-2016-0105 Microsoft Browser Memory Corruption Vulnerability
    IPS: 5173 “Obfuscated ActiveX Instantiation 3”
  • CVE-2016-0106 Internet Explorer Memory Corruption Vulnerability
    IPS: 11492 “Internet Explorer Memory Corruption Vulnerability (MS16-023) 3”
  • CVE-2016-0107 Internet Explorer Memory Corruption Vulnerability
    IPS: 11493 “Internet Explorer Memory Corruption Vulnerability (MS16-023) 4”
  • CVE-2016-0108 Internet Explorer Memory Corruption Vulnerability
    IPS: 11494 “Internet Explorer Memory Corruption Vulnerability (MS16-023) 5”
  • CVE-2016-0109 Microsoft Browser Memory Corruption Vulnerability
    IPS: 11495 “Internet Explorer Memory Corruption Vulnerability (MS16-023) 6”
  • CVE-2016-0110 Microsoft Browser Memory Corruption Vulnerability
    IPS: 11497 ” Internet Explorer Memory Corruption Vulnerability (MS16-023) 8″
  • CVE-2016-0111 Microsoft Browser Memory Corruption Vulnerability
    IPS: 11498 ” Internet Explorer Memory Corruption Vulnerability (MS16-023) 7″
  • CVE-2016-0112 Internet Explorer Memory Corruption Vulnerability
    IPS: 11501 “Internet Explorer Memory Corruption Vulnerability (MS16-023) 10”
  • CVE-2016-0113 Internet Explorer Memory Corruption Vulnerability
    IPS: 11503 “Internet Explorer Memory Corruption Vulnerability (MS16-023) 11”
  • CVE-2016-0114 Internet Explorer Memory Corruption Vulnerability
    IPS: 11504 “Internet Explorer Memory Corruption Vulnerability (MS16-023) 12”

MS16-024 Cumulative Security Update for Microsoft Edge

  • CVE-2016-0102 Microsoft Browser Memory Corruption Vulnerability
    IPS:11490 ” Internet Explorer Memory Corruption Vulnerability (MS16-023) 1″
  • CVE-2016-0105 Microsoft Browser Memory Corruption Vulnerability
    IPS: 5173 “Obfuscated ActiveX Instantiation 3”
  • CVE-2016-0109 Microsoft Browser Memory Corruption Vulnerability
    IPS: 11495 “Internet Explorer Memory Corruption Vulnerability (MS16-023) 6”
  • CVE-2016-0110 Microsoft Browser Memory Corruption Vulnerability
    IPS: 11497 “Internet Explorer Memory Corruption Vulnerability (MS16-023) 8”
  • CVE-2016-0111 Microsoft Browser Memory Corruption Vulnerability
    IPS: 11498 ” Internet Explorer Memory Corruption Vulnerability (MS16-023) 7″
  • CVE-2016-0116 Microsoft Edge Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-0123 Microsoft Edge Information Disclosure Vulnerability
    IPS: 11496 “Microsoft Edge Memory Corruption Vulnerability (MS16-024) 1”
  • CVE-2016-0124 Microsoft Edge Information Disclosure Vulnerability
    IPS: 11499 “Microsoft Edge Memory Corruption Vulnerability (MS16-024) 2”
  • CVE-2016-0125 Microsoft Edge Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-0129 Microsoft Edge Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-0130 Microsoft Edge Memory Corruption Vulnerability
    There are no known exploits in the wild.

MS16-025 Security Update for Windows Library Loading to Address Remote Code Execution

  • CVE-2016-0100 Library Loading Input Validation Remote Code Execution Vulnerability
    There are no known exploits in the wild.

MS16-026 Security Updates for Graphic Fonts to Address Remote Code Execution

  • CVE-2016-0120 OpenType Font Parsing Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-0121 OpenType Font Parsing Vulnerability
    There are no known exploits in the wild.

MS16-027 Security Update for Windows Media to Address Remote Code Execution

  • CVE-2016-0098 Windows Media Player Parsing Remote Code Execution Vulnerability
    IPS: 11500 “Windows Media Player Parsing Remote Code Execution 1”
  • CVE-2016-0101 Windows Media Player Parsing Remote Code Execution Vulnerability
    IPS: 11502 “Windows Media Player Parsing Remote Code Execution 2 “

MS16-028 Security Update for Microsoft Windows PDF Library to Address Remote Code Execution

  • CVE-2016-0117 Remote Code Execution Vulnerability
    SPY: 3280 “FathFTP ActiveX RasIsConnected Method Invocation”
  • CVE-2016-0118 Remote Code Execution Vulnerability
    There are no known exploits in the wild.

MS16-029 Security Update for Microsoft Office to Address Remote Code Execution

  • CVE-2016-0021 Microsoft Office Memory Corruption Vulnerability
    SPY: 3252 “Malformed-File rtf.MP.11”
  • CVE-2016-0057 Microsoft Office Security Feature Bypass Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-0134 Microsoft Office Memory Corruption Vulnerability
    There are no known exploits in the wild.

MS16-030 Security Update for Windows OLE to Address Remote Code Execution

  • CVE-2016-0091 Windows OLE Memory Remote Code Execution Vulnerability
    SPY: 2439 “Malformed-File rtf.MP.10”
  • CVE-2016-0092 Windows OLE Memory Remote Code Execution Vulnerability
    SPY: 3251 “Malformed-File rtf.MP.12”

MS16-031 Security Update for Microsoft Windows to Address Elevation of Privilege

  • CVE-2016-0087 Windows Elevation of Privilege Vulnerability
    This is a local Vulnerability.

MS16-032 Security Update for Secondary Logon to Address Elevation of Privilege

  • CVE-2016-0099 Secondary Logon Elevation of Privilege Vulnerability
    This is a local Vulnerability.

MS16-033 Security Update for Windows USB Mass Storage Class Driver to Address Elevation of Privilege

  • CVE-2016-0133 USB Mass Storage Elevation of Privilege Vulnerability
    There are no known exploits in the wild.

MS16-034 Security Update for Windows Kernel-Mode Drivers to Address Elevation of Privilege

  • CVE-2016-0093 Win32k Elevation of Privilege Vulnerability
    This is a local Vulnerability.
  • CVE-2016-0094 Win32k Elevation of Privilege Vulnerability
    This is a local Vulnerability.
  • CVE-2016-0095 Win32k Elevation of Privilege Vulnerability
    This is a local Vulnerability.
  • CVE-2016-0096 Win32k Elevation of Privilege Vulnerability
    This is a local Vulnerability.

MS16-035 Security Update for .NET Framework to Address Security Feature Bypass

  • CVE-2016-0035 .NET XML Validation Security Feature Bypass
    There are no known exploits in the wild.