Posts

Microsoft Security Bulletin Coverage (Sept 13, 2016)

Dell SonicWALL has analyzed and addressed Microsoft’s security advisories for the month of Sept 13, 2016. A list of issues reported, along with Dell SonicWALL coverage information are as follows:

MS16-104 Cumulative Security Update for Internet Explorer

  • CVE-2016-3247 Microsoft Browser Memory Corruption Vulnerability
    IPS:11854 ” Microsoft Browser Memory Corruption Vulnerability (MS16-104) “
  • CVE-2016-3291 Microsoft Browser Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-3292 Internet Explorer Memory Corruption Vulnerability
    GAV “MalAgent.H_4622”
  • CVE-2016-3295 Microsoft Browser Memory Corruption Vulnerability
    IPS:11855 ” Microsoft Browser Memory Corruption Vulnerability (MS16-104) 1″
  • CVE-2016-3297 Microsoft Browser Memory Corruption Vulnerability
    IPS:11856 ” Microsoft Browser Memory Corruption Vulnerability (MS16-104) 2″
  • CVE-2016-3324 Internet Explorer Memory Corruption Vulnerability
    IPS:11788 ” Suspicious Obfuscated JavaScript Code 38 “
  • CVE-2016-3325 Microsoft Browser Information Disclosure Vulnerability
    IPS:11858 ” Microsoft Browser Information Disclosure Vulnerability (MS16-104) 1 “
  • CVE-2016-3351 Microsoft Browser Information Disclosure Vulnerability
    SPY:1184 ” Malformed-File html.MP.64_2 “
  • CVE-2016-3353 Internet Explorer Security Feature Bypass
    There are no known exploits in the wild.
  • CVE-2016-3375 Scripting Engine Memory Corruption Vulnerability
    SPY:1173 ” Malformed-File html.MP.63 “

MS16-105 Cumulative Security Update for Microsoft Edge

  • CVE-2016-3247 Microsoft Browser Memory Corruption Vulnerability
    IPS:11854 ” Microsoft Browser Memory Corruption Vulnerability (MS16-104) “
  • CVE-2016-3291 Microsoft Browser Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-3294 Microsoft Edge Memory Corruption Vulnerability
    IPS:11850 ” Microsoft Edge Memory Corruption Vulnerability (MS16-105) “
  • CVE-2016-3295 Microsoft Browser Memory Corruption Vulnerability
    IPS:11855 ” Microsoft Browser Memory Corruption Vulnerability (MS16-104) 1″
  • CVE-2016-3297 Microsoft Browser Memory Corruption Vulnerability
    IPS:11856 ” Microsoft Browser Memory Corruption Vulnerability (MS16-104) 2″
  • CVE-2016-3325 Microsoft Browser Information Disclosure Vulnerability
    IPS:11858 ” Microsoft Browser Information Disclosure Vulnerability (MS16-104) 1 “
  • CVE-2016-3330 Microsoft Edge Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-3350 Microsoft Edge Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-3351 Microsoft Browser Information Disclosure Vulnerability
    SPY:1184 ” Malformed-File html.MP.64_2 “
  • CVE-2016-3370 PDF Library Information Disclosure Vulnerability
    SPY:1121 ” Malformed-File pdf.MP.174_3 “
  • CVE-2016-3374 Microsoft Edge Information Disclosure Vulnerability
    SPY:1150 ” Malformed-File pdf.MP.175_2 “
  • CVE-2016-3377 Scripting Engine Memory Corruption Vulnerability
    IPS:11853 ” Scripting Engine Memory Corruption Vulnerability (MS16-105) “

MS16-106 Security Update for Microsoft Graphics Component

  • CVE-2016-3348 Win32k Elevation of Privilege Vulnerability
    SPY: 1122 “Malformed-File exe.MP.22 “
  • CVE-2016-3349 Win32k Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-3354 GDI Information Disclosure Vulnerability
    SPY:1284 ” Malformed-File py.MP.1_2 “
  • CVE-2016-3355 GDI Elevation of Privilege Vulnerability
    SPY:1159 ” Malformed-File exe.MP.23″
  • CVE-2016-3356 GDI Remote Code Execution Vulnerability
    There are no known exploits in the wild.

MS16-107 Security Update for Microsoft Office

  • CVE-2016-0137 Microsoft APP-V Security Feature Bypass Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-0141 Microsoft Information Disclosure Vulnerability
    This is a local Vulnerability.
  • CVE-2016-3357 Microsoft Office Memory Corruption Vulnerability
    SPY:1128 ” Malformed-File ppt.MP.5″
  • CVE-2016-3358 Microsoft Office Memory Corruption Vulnerability
    SPY:1162 ” Malformed-File xlsb.MP.4 “
  • CVE-2016-3359 Microsoft Office Memory Corruption Vulnerability
    SPY:1195 ” Malformed-File xlsb.MP.5″
  • CVE-2016-3360 Microsoft Office Memory Corruption Vulnerability
    SPY:1199 “Malformed-File ppt.MP.6 “
  • CVE-2016-3361 Microsoft Office Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-3362 Microsoft Office Memory Corruption Vulnerability
    SPY:4964 “Malformed-File xlsb.MP.6”
  • CVE-2016-3363 Microsoft Office Memory Corruption Vulnerability
    SPY:1206 Malformed-File xls.MP.53 “
  • CVE-2016-3364 Microsoft Office Memory Corruption Vulnerability
    SPY:1217 Malformed-File docx.MP.10 “
  • CVE-2016-3365 Microsoft Office Memory Corruption Vulnerability
    SPY:1123 Malformed-File xlsb.MP.2 “
  • CVE-2016-3366 Microsoft Office Spoofing Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-3381 Microsoft Office Memory Corruption Vulnerability
    SPY:1139 Malformed-File xlsb.MP.3 “

MS16-108 Security Update for Microsoft Exchange Server

  • CVE-2016-0138 Microsoft Exchange Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-3378 Microsoft Exchange Open Redirect Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-3379 Microsoft Exchange Elevation of Privilege Vulnerability
    There are no known exploits in the wild.

MS16-109 Security Update for Silverlight

  • CVE-2016-3367 Microsoft Office Memory Corruption Vulnerability
    There are no known exploits in the wild.

MS16-110 Security Update for Microsoft Windows

  • CVE-2016-3346 Windows Permissions Enforcement Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-3352 Microsoft Information Disclosure Vulnerability
    IPS:11851 Microsoft NTLM Information Disclosure (MS16-110) 1 “
  • CVE-2016-3368 Windows Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-3369 Windows Denial of Service Vulnerability
    There are no known exploits in the wild.

MS16-111 Security Update for Windows Kernel

  • CVE-2016-3305 Windows Session Object Elevation of Privilege Vulnerability
    SPY:1228 Malformed-File exe.MP.24″
  • CVE-2016-3306 Windows Session Object Elevation of Privilege Vulnerability
    SPY:1261 Malformed-File exe.MP.25″
  • CVE-2016-3371 Windows Kernel Elevation of Privilege Vulnerability
    SPY:1262 Malformed-File exe.MP.26″
  • CVE-2016-3372 Windows Kernel API GUID Collision Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-3373 Windows Elevation of Privilege Vulnerability
    There are no known exploits in the wild.

MS16-091 Security Update for .NET Framework

  • CVE-2016-3255 .NET Information Disclosure Vulnerability
    There are no known exploits in the wild.

MS16-112 Security Update for Windows Lock Screen

  • CVE-2016-3302 Windows Lock Screen Elevation of Privilege Vulnerability
    There are no known exploits in the wild.

MS16-113 Security Update for Windows Secure Kernel Mode

  • CVE-2016-3344 Windows Secure Kernel Mode Information Disclosure Vulnerability
    There are no known exploits in the wild.

MS16-114 Security Update for Windows SMBv1 Server

  • CVE-2016-3345 Windows SMB Authenticated Remote Code Execution Vulnerability
    There are no known exploits in the wild.

MS16-115 Security Update for Windows SMBv1 Server

  • CVE-2016-3370 PDF Library Information Disclosure Vulnerability
    SPY:1121 ” Malformed-File pdf.MP.174_3 “
  • CVE-2016-3374 Microsoft Edge Information Disclosure Vulnerability
    SPY:1150 ” Malformed-File pdf.MP.175_2 “

MS16-116 Security Update for Windows SMBv1 Server

  • CVE-2016-3375 Scripting Engine Memory Corruption Vulnerability
    SPY:1173 ” Malformed-File html.MP.63 “