Posts

Microsoft Security Bulletin Coverage (May 10, 2016)

Dell SonicWALL has analyzed and addressed Microsoft’s security advisories for the month of May 10, 2016. A list of issues reported, along with Dell SonicWALL coverage information are as follows:

MS16-051 Cumulative Security Update for Internet Explorer

  • CVE-2016-0188 Internet Explorer Security Feature Bypass
    There are no known exploits in the wild.
  • CVE-2016-0189 Scripting Engine Memory Corruption Vulnerability
    IPS:11594 ” Scripting Engine Memory Corruption Vulnerability (MS16-051) 1″
  • CVE-2016-0192 Microsoft Browser Memory Corruption Vulnerability
    IPS:11595 ” Microsoft Browser Memory Corruption Vulnerability (MS16-051) 1″
  • CVE-2016-0194 Internet Explorer Information Disclosure Vulnerability
    SPY:4495 ” Malformed-File exe.MP.15 “

MS16-052 Cumulative Security Update for Microsoft Edge

  • CVE-2016-0191 Microsoft Edge Memory Corruption Vulnerability
    IPS: 11596 “Microsoft Edge Memory Corruption Vulnerability (MS16-051) 1”
  • CVE-2016-0192 Microsoft Browser Memory Corruption Vulnerability
    IPS:11595 ” Microsoft Browser Memory Corruption Vulnerability (MS16-051) 1″
  • CVE-2016-0193 Scripting Engine Memory Corruption Vulnerability
    IPS:11597 ” Scripting Engine Memory Corruption Vulnerability (MS16-051) 2″

MS16-053 Cumulative Security Update for JScript and VBScript

  • CVE-2016-0187 Scripting Engine Memory Corruption Vulnerability
    IPS:11598 ” Scripting Engine Memory Corruption Vulnerability (MS16-051) 3″
  • CVE-2016-0189 Scripting Engine Memory Corruption Vulnerability
    IPS:11594 “Scripting Engine Memory Corruption Vulnerability (MS16-051) 1”

MS16-054 Security Update for Microsoft Office

  • CVE-2016-0126 Microsoft Office Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-0140 Microsoft Office Memory Corruption Vulnerability
    SPY: 4335 “Malformed-File xls.MP.52”
  • CVE-2016-0183 Microsoft Office Graphics RCE Vulnerability
    There are no known exploits in the wild.

MS16-055 Security Update for Microsoft Graphics Component

  • CVE-2016-0168 Windows Graphics Component Information Disclosure Vulnerability
    SPY: 4500 “Malformed-File emf.MP.2”
  • CVE-2016-0169 Windows Graphics Component Information Disclosure Vulnerability
    SPY: 4499 “Malformed-File emf.MP.1”
  • CVE-2016-0170 Windows Graphics Component RCE Vulnerability
    SPY: 4499 “Malformed-File emf.MP.1”
  • CVE-2016-0184 Direct3D Use After Free Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-0195 Direct3D Use After Free RCE Vulnerability
    This is a local Vulnerability.

MS16-056 Security Update for Windows Journal

  • CVE-2016-0182 Windows Journal Memory Corruption Vulnerability
    This is a local Vulnerability.

MS16-057 Security Update for Windows Shell

  • CVE-2016-0179 Windows Shell Remote Code Execution Vulnerability
    There are no known exploits in the wild.

MS16-058 Security Update for Windows IIS

  • CVE-2016-0152 Windows DLL Loading Remote Code Execution Vulnerability
    There are no known exploits in the wild.

MS16-059 Security Update for Windows Media Center

  • CVE-2016-0185 Windows Media Center Remote Code Execution Vulnerability
    IPS:11593 “Windows Media Center Remote Code Execution (MS16-059)”

MS16-060 Security Update for Windows Kernel

  • CVE-2016-0180 Windows Kernel Elevation of Privilege Vulnerability
    This is a local Vulnerability.

MS16-061 Security Update for Microsoft RPC

  • CVE-2016-0178 RPC Network Data Representation Engine Elevation of Privilege Vulnerability
    SPY:4497 “Malformed-File exe.MP.14”

MS16-062 Security Update for Windows Kernel-Mode Drivers

  • CVE-2016-0171 Win32k Elevation of Privilege Vulnerability
    This is a local Vulnerability.
  • CVE-2016-0172 Win32k Elevation of Privilege Vulnerability
    This is a local Vulnerability.
  • CVE-2016-0173 Win32k Elevation of Privilege Vulnerability
    This is a local Vulnerability.
  • CVE-2016-0174 Win32k Elevation of Privilege Vulnerability
    This is a local Vulnerability.
  • CVE-2016-0175 Win32k Information Disclosure Vulnerability
    This is a local Vulnerability.
  • CVE-2016-0176 Win32k Elevation of Privilege Vulnerability
    This is a local Vulnerability.
  • CVE-2016-0196 Win32k Elevation of Privilege Vulnerability
    This is a local Vulnerability.
  • CVE-2016-0197 Microsoft DirectX Graphics Kernel Subsystem Elevation of Privilege Vulnerability
    There are no known exploits in the wild.

MS16-064 Security Update for Adobe Flash Player

  • CVE-2016-0177 Schannel Information Disclosure Vulnerability
    There are no known exploits in the wild.

MS16-065 Security Update for .NET Framework

  • CVE-2016-0149 TLS/SSL Information Disclosure Vulnerability
    There are no known exploits in the wild.

MS16-066 Security Update for Virtual Secure Mode

  • CVE-2016-0181 Hypervisor Code Integrity Security Feature Bypass
    There are no known exploits in the wild.

MS16-067 Security Update for Volume Manager Driver

  • CVE-2016-0190 Remote Desktop Protocol Drive Redirection Information Disclosure Vulnerability
    There are no known exploits in the wild.