Microsoft Security Bulletin Coverage (Feb 9, 2016)
Dell SonicWALL has analyzed and addressed Microsoft’s security advisories for the month of Feb. 9, 2016. A list of issues reported, along with Dell SonicWALL coverage information are as follows:
MS16-009 Cumulative Security Update for Internet Explorer
- CVE-2016-0059 Internet Explorer Information Disclosure Vulnerability
SPY: 1008 “Malformed-File xls.MP.49” - CVE-2016-0060 Internet Explorer Memory Corruption Vulnerability
IPS:11444 “Internet Explorer Information Disclosure Vulnerability (MS16-009) 1” - CVE-2016-0061 Microsoft Browser Memory Corruption Vulnerability
IPS: 11445 “Microsoft Browser Memory Corruption Vulnerability (MS16-009) 1 “ - CVE-2016-0062 Microsoft Browser Memory Corruption Vulnerability
There are no known exploits in the wild. - CVE-2016-0063 Internet Explorer Memory Corruption Vulnerability
IPS: 11446 “Internet Explorer Memory Corruption Vulnerability (MS16-009) 2” - CVE-2016-0064 Internet Explorer Memory Corruption Vulnerability
There are no known exploits in the wild. - CVE-2016-0065 Internet Explorer Spoofing Vulnerability
There are no known exploits in the wild. - CVE-2016-0067 Internet Explorer Memory Corruption Vulnerability
IPS: 11447 “Internet Explorer Memory Corruption Vulnerability (MS16-009) 3” - CVE-2016-0068 Internet Explorer Elevation of Privilege Vulnerability
IPS: 11448 “Internet Explorer Elevation of Privilege Vulnerability (MS16-009) 1” - CVE-2016-0069 Internet Explorer Elevation of Privilege Vulnerability
There are no known exploits in the wild. - CVE-2016-0071 Internet Explorer Memory Corruption Vulnerability
There are no known exploits in the wild. - CVE-2016-0072 Internet Explorer Memory Corruption Vulnerability
IPS: 11449 “Internet Explorer Memory Corruption Vulnerability (MS16-009) 4” - CVE-2016-0086 Internet Explorer Memory Corruption Vulnerability
There are no known exploits in the wild.
MS16-011 Cumulative Security Update for Microsoft Edge
- CVE-2016-0061 Microsoft Browser Memory Corruption Vulnerability
IPS: 11445 “Microsoft Browser Memory Corruption Vulnerability (MS16-009) 1 “ - CVE-2016-0062 Microsoft Browser Memory Corruption Vulnerability
There are no known exploits in the wild. - CVE-2016-0077 Microsoft Edge Spoofing Vulnerability
There are no known exploits in the wild. - CVE-2016-0078 Microsoft Edge Spoofing Vulnerability
IPS: 11450 “Microsoft Edge Spoofing Vulnerability (MS16-011) 1 “ - CVE-2016-0080 Microsoft Edge ASLR Bypass
There are no known exploits in the wild. - CVE-2016-0082 Microsoft Edge Memory Corruption Vulnerability
There are no known exploits in the wild. - CVE-2016-0083 Microsoft Edge Information Disclosure Vulnerability
There are no known exploits in the wild. - CVE-2016-0084 Microsoft Edge Memory Corruption Vulnerability
There are no known exploits in the wild.
MS16-012 Security Update for Microsoft Windows PDF Library to Address Remote Code Execution
- CVE-2016-0046 Microsoft Windows Reader Vulnerability
There are no known exploits in the wild. - CVE-2016-0058 Microsoft PDF Library Buffer Overflow Vulnerability
There are no known exploits in the wild.
MS16-013 Security Updates for Windows Journal to Address Remote Code Execution
- CVE-2016-0038 Windows Journal Memory Corruption vulnerability
There are no known exploits in the wild.
MS16-014 Security Update for Microsoft Windows to Address Remote Code Execution
- CVE-2016-0040 Windows Elevation of Privilege Vulnerability
There are no known exploits in the wild. - CVE-2016-0041 Windows DLL Loading Remote Code Execution Vulnerability
SPY: 4486 “Malformed-File ppsx.MP.2” - CVE-2016-0042 Windows DLL Loading Remote Code Execution Vulnerability
SPY: 4483 “Malformed-File rtf.MP.8” - CVE-2016-0044 Windows DLL Loading Denial of Service Vulnerability
There are no known exploits in the wild. - CVE-2016-0049 Windows Kerberos Security Feature Bypass Vulnerability
There are no known exploits in the wild.
MS16-015 Security Update for Microsoft Office to Address Remote Code Execution
- CVE-2016-0022 Microsoft Office Memory Corruption Vulnerability
SPY: 4484 “Malformed-File rtf.MP.9” - CVE-2016-0039 Microsoft SharePoint XSS Vulnerability
There are no known exploits in the wild. - CVE-2016-0052 Microsoft Office Memory Corruption Vulnerability
SPY: 4480 “Malformed-File rtf.MP.6” - CVE-2016-0053 Microsoft Office Memory Corruption Vulnerability
SPY: 4479 “Malformed-File rtf.MP.7” - CVE-2016-0054 Microsoft Office Memory Corruption Vulnerability
SPY: 4481 “Malformed-File xlsx.MP.2” - CVE-2016-0055 Microsoft SharePoint XSS Vulnerability
There are no known exploits in the wild. - CVE-2016-0056 Microsoft Office Memory Corruption Vulnerability
SPY: 4482 “Malformed-File docx.MP.9” - CVE-2016-0057 Microsoft Office Security Feature Bypass Vulnerability
There are no known exploits in the wild.
MS16-016 Security Update for WebDAV to Address Elevation of Privilege
- CVE-2016-0051 WebDAV Elevation of Privilege Vulnerability
There are no known exploits in the wild.
MS16-017 Security Update for Remote Desktop Display Driver to Address Elevation of Privilege
- CVE-2016-0036 Remote Desktop Protocol (RDP) Elevation of Privilege Vulnerability
There are no known exploits in the wild.
MS16-018 Security Update for Windows Kernel-Mode Drivers to Address Elevation of Privilege
- CVE-2016-0048 Win32k Elevation of Privilege Vulnerability
There are no known exploits in the wild.
MS16-019 Security Update for .NET Framework to Address Denial of Service
- CVE-2016-0033 .NET Framework Stack Overflow Denial of Service Vulnerability
There are no known exploits in the wild. - CVE-2016-0047 Windows Forms Information Disclosure Vulnerability
There are no known exploits in the wild.
MS16-020 Security Update for Active Directory Federation Services to Address Denial of Service
- CVE-2016-0037 Microsoft Active Directory Federation Services Denial of Service Vulnerability
There are no known exploits in the wild.
MS16-021 Security Update for NPS RADIUS Server to Address Denial of Service
- CVE-2016-0050 Network Policy Server RADIUS Implementation Denial of Service Vulnerability
There are no known exploits in the wild.