The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Windows 2016

vulnerability CVE-2016-7247

Windows: privilege escalation via Secure Boot

Synthesis of the vulnerability

A local attacker can bypass Secure Boot of Windows, in order to escalate his privileges.
Impacted products: Windows 10, Windows 2012, Windows 2016, Windows 8, Windows RT.
Severity: 1/4.
Consequences: administrator access/rights.
Provenance: physical access.
Creation date: 09/11/2016.
Identifiers: 3193479, CERTFR-2016-AVI-374, CVE-2016-7247, MS16-140, VIGILANCE-VUL-21080.

Description of the vulnerability

The Windows product uses Secure Boot to check the code on system start.

However, an attacker with a physical access can bypass the policy and install a malicious code on boot.

A local attacker can therefore bypass Secure Boot of Windows, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2016-7223 CVE-2016-7224 CVE-2016-7225

Windows: four vulnerabilities via Virtual Hard Disk Driver

Synthesis of the vulnerability

An attacker can use several vulnerabilities via Virtual Hard Disk Driver of Windows.
Impacted products: Windows 10, Windows 2012, Windows 2016, Windows 8, Windows RT.
Severity: 2/4.
Consequences: data reading, data creation/edition.
Provenance: user shell.
Number of vulnerabilities in this bulletin: 4.
Creation date: 09/11/2016.
Identifiers: 3199647, 914, 915, 916, 921, CERTFR-2016-AVI-374, CVE-2016-7223, CVE-2016-7224, CVE-2016-7225, CVE-2016-7226, MS16-138, VIGILANCE-VUL-21078.

Description of the vulnerability

Several vulnerabilities were announced in Windows.

An attacker can bypass access restrictions, in order to read or alter data. [severity:2/4; CVE-2016-7223]

An attacker can bypass access restrictions, in order to read or alter data. [severity:2/4; CVE-2016-7224]

An attacker can bypass access restrictions, in order to read or alter data. [severity:2/4; CVE-2016-7225]

An attacker can bypass access restrictions, in order to read or alter data. [severity:2/4; CVE-2016-7226]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2016-7220 CVE-2016-7237 CVE-2016-7238

Windows: three vulnerabilities via Authentication Methods

Synthesis of the vulnerability

An attacker can use several vulnerabilities via Authentication Methods of Windows.
Impacted products: Windows 10, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 2016, Windows 7, Windows 8, Windows RT, Windows Vista.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, data reading.
Provenance: user shell.
Number of vulnerabilities in this bulletin: 3.
Creation date: 09/11/2016.
Identifiers: 3199173, CERTFR-2016-AVI-374, CVE-2016-7220, CVE-2016-7237, CVE-2016-7238, MS16-137, VIGILANCE-VUL-21077.

Description of the vulnerability

Several vulnerabilities were announced in Windows.

An attacker can force a read at an invalid address via Virtual Secure Mode, in order to trigger a denial of service, or to obtain sensitive information. [severity:2/4; CVE-2016-7220]

An attacker can trigger a fatal error via Local Security Authority Subsystem, in order to trigger a denial of service. [severity:1/4; CVE-2016-7237]

An attacker can bypass security features via Windows NTLM, in order to escalate his privileges. [severity:2/4; CVE-2016-7238]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2016-7214 CVE-2016-7215 CVE-2016-7218

Windows: four vulnerabilities via Kernel-Mode Drivers

Synthesis of the vulnerability

An attacker can use several vulnerabilities via Kernel-Mode Drivers of Windows.
Impacted products: Windows 10, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 2016, Windows 7, Windows 8, Windows RT, Windows Vista.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, data reading.
Provenance: user shell.
Number of vulnerabilities in this bulletin: 4.
Creation date: 09/11/2016.
Identifiers: 3199135, CERTFR-2016-AVI-374, CVE-2016-7214, CVE-2016-7215, CVE-2016-7218, CVE-2016-7246, MS16-135, VIGILANCE-VUL-21075, ZDI-16-592, ZDI-16-594.

Description of the vulnerability

Several vulnerabilities were announced in Windows.

An attacker can bypass security features, in order to obtain sensitive information on ASLR. [severity:2/4; CVE-2016-7214]

An attacker can bypass security features via Win32k, in order to escalate his privileges. [severity:2/4; CVE-2016-7215, ZDI-16-592]

An attacker can bypass security features via Win32k, in order to escalate his privileges. [severity:2/4; CVE-2016-7246, ZDI-16-594]

An attacker can bypass security features via Bowser.sys, in order to obtain sensitive information. [severity:2/4; CVE-2016-7218]
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2016-0026 CVE-2016-3332 CVE-2016-3333

Windows: multiple vulnerabilities via Common Log File System Driver

Synthesis of the vulnerability

An attacker can use several vulnerabilities via Common Log File System Driver of Windows.
Impacted products: Windows 10, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 2016, Windows 7, Windows 8, Windows RT, Windows Vista.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: user shell.
Number of vulnerabilities in this bulletin: 10.
Creation date: 09/11/2016.
Identifiers: 3193706, CERTFR-2016-AVI-374, CVE-2016-0026, CVE-2016-3332, CVE-2016-3333, CVE-2016-3334, CVE-2016-3335, CVE-2016-3338, CVE-2016-3340, CVE-2016-3342, CVE-2016-3343, CVE-2016-7184, MS16-134, VIGILANCE-VUL-21074.

Description of the vulnerability

Several vulnerabilities were announced in Windows.

An attacker can bypass security features, in order to escalate his privileges. [severity:2/4; CVE-2016-0026]

An attacker can bypass security features, in order to escalate his privileges. [severity:2/4; CVE-2016-3332]

An attacker can bypass security features, in order to escalate his privileges. [severity:2/4; CVE-2016-3333]

An attacker can bypass security features, in order to escalate his privileges. [severity:2/4; CVE-2016-3334]

An attacker can bypass security features, in order to escalate his privileges. [severity:2/4; CVE-2016-3335]

An attacker can bypass security features, in order to escalate his privileges. [severity:2/4; CVE-2016-3338]

An attacker can bypass security features, in order to escalate his privileges. [severity:2/4; CVE-2016-3340]

An attacker can bypass security features, in order to escalate his privileges. [severity:2/4; CVE-2016-3342]

An attacker can bypass security features, in order to escalate his privileges. [severity:2/4; CVE-2016-3343]

An attacker can bypass security features, in order to escalate his privileges. [severity:2/4; CVE-2016-7184]
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2016-7205 CVE-2016-7210 CVE-2016-7217

Windows: four vulnerabilities via Graphics Component

Synthesis of the vulnerability

An attacker can use several vulnerabilities via Graphics Component of Windows.
Impacted products: Windows 10, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 2016, Windows 7, Windows 8, Windows RT, Windows Vista.
Severity: 4/4.
Consequences: user access/rights, data reading, denial of service on service, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 4.
Creation date: 09/11/2016.
Identifiers: 3199120, CERTFR-2016-AVI-374, CVE-2016-7205, CVE-2016-7210, CVE-2016-7217, CVE-2016-7256, MS16-132, VIGILANCE-VUL-21072.

Description of the vulnerability

Several vulnerabilities were announced in Windows.

An attacker can bypass security features via Open Type Font, in order to obtain sensitive information. [severity:2/4; CVE-2016-7210]

An attacker can generate a memory corruption via Windows Animation Manager, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7205]

An attacker can generate a memory corruption via Media Foundation, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7217]

An attacker can generate a memory corruption via Open Type Font, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7256]
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2016-7212 CVE-2016-7221 CVE-2016-7222

Windows: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Windows.
Impacted products: Windows 10, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 2016, Windows 7, Windows 8, Windows RT, Windows Vista.
Severity: 4/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 3.
Creation date: 09/11/2016.
Identifiers: 3199172, CERTFR-2016-AVI-374, CVE-2016-7212, CVE-2016-7221, CVE-2016-7222, MS16-130, VIGILANCE-VUL-21070.

Description of the vulnerability

Several vulnerabilities were announced in Windows.

An attacker can bypass security features via Input Method Editor, in order to escalate his privileges. [severity:2/4; CVE-2016-7221]

An attacker can bypass security features via Task Scheduler, in order to escalate his privileges. [severity:2/4; CVE-2016-7222]

An attacker can generate a memory corruption via Image File, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7212]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2016-7195 CVE-2016-7196 CVE-2016-7198

Edge: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Edge.
Impacted products: Edge, Windows 10, Windows 2016.
Severity: 4/4.
Consequences: user access/rights, data reading, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 17.
Creation date: 09/11/2016.
Identifiers: 3199057, 922, 925, 934, 945, 948, 952, CERTFR-2016-AVI-373, CVE-2016-7195, CVE-2016-7196, CVE-2016-7198, CVE-2016-7199, CVE-2016-7200, CVE-2016-7201, CVE-2016-7202, CVE-2016-7203, CVE-2016-7204, CVE-2016-7208, CVE-2016-7209, CVE-2016-7227, CVE-2016-7239, CVE-2016-7240, CVE-2016-7241, CVE-2016-7242, CVE-2016-7243, MS16-129, VIGILANCE-VUL-21069, ZDI-16-593.

Description of the vulnerability

Several vulnerabilities were announced in Edge.

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7195]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7196]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7198]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7241]

An attacker can bypass security features, in order to obtain sensitive information. [severity:2/4; CVE-2016-7199]

An attacker can bypass security features, in order to obtain sensitive information. [severity:2/4; CVE-2016-7239]

An attacker can generate a memory corruption via Scripting Engine, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7200]

An attacker can generate a memory corruption via Scripting Engine, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7201]

An attacker can generate a memory corruption via Scripting Engine, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7202, ZDI-16-593]

An attacker can generate a memory corruption via Scripting Engine, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7203]

An attacker can generate a memory corruption via Scripting Engine, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7208]

An attacker can generate a memory corruption via Scripting Engine, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7240]

An attacker can generate a memory corruption via Scripting Engine, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7242]

An attacker can generate a memory corruption via Scripting Engine, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7243]

An attacker can bypass security features, in order to obtain sensitive information. [severity:2/4; CVE-2016-7204]

An attacker can alter displayed information, in order to deceive the victim. [severity:2/4; CVE-2016-7209]

An attacker can bypass security features, in order to obtain sensitive information. [severity:2/4; CVE-2016-7227]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2016-7857 CVE-2016-7858 CVE-2016-7859

Adobe Flash Player: nine vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Adobe Flash Player.
Impacted products: Flash Player, IE, Windows 10, Windows 2012, Windows 2016, Windows 8, Windows RT, openSUSE, RHEL, SUSE Linux Enterprise Desktop, SLES.
Severity: 4/4.
Consequences: user access/rights, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 9.
Creation date: 08/11/2016.
Identifiers: 3202790, APSB16-37, CERTFR-2016-AVI-371, CVE-2016-7857, CVE-2016-7858, CVE-2016-7859, CVE-2016-7860, CVE-2016-7861, CVE-2016-7862, CVE-2016-7863, CVE-2016-7864, CVE-2016-7865, MS16-141, openSUSE-SU-2016:2774-1, openSUSE-SU-2016:2782-1, RHSA-2016:2676-01, SUSE-SU-2016:2778-1, VIGILANCE-VUL-21068, ZDI-16-595, ZDI-16-596, ZDI-16-597, ZDI-16-598, ZDI-16-599, ZDI-16-600, ZDI-16-601, ZDI-16-602, ZDI-16-603.

Description of the vulnerability

Several vulnerabilities were announced in Adobe Flash Player.

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7860, ZDI-16-601]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7861, ZDI-16-600]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7865, ZDI-16-598]

An attacker can force the usage of a freed memory area, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7857, ZDI-16-596]

An attacker can force the usage of a freed memory area, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7858, ZDI-16-595]

An attacker can force the usage of a freed memory area, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7859, ZDI-16-602]

An attacker can force the usage of a freed memory area, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7862, ZDI-16-603]

An attacker can force the usage of a freed memory area, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7863, ZDI-16-599]

An attacker can force the usage of a freed memory area, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7864, ZDI-16-597]
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2016-7255

Windows: privilege escalation via NtSetWindowLongPtr

Synthesis of the vulnerability

A local attacker can call NtSetWindowLongPtr() on Windows, in order to escalate his privileges.
Impacted products: Windows 10, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 2016, Windows 7, Windows 8, Windows RT, Windows Vista.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: user shell.
Creation date: 02/11/2016.
Identifiers: 3199135, CERTFR-2016-ACT-045, CERTFR-2016-ALE-008, CVE-2016-7255, MS16-135, VIGILANCE-VUL-21014.

Description of the vulnerability

The win32k.sys driver of Windows provides the NtSetWindowLongPtr() function, which changes an attribute of a window. The nIndex GWLP_ID parameter changes the identifier of a window, and GWL_STYLE changes its displayed style.

However, using GWLP_ID=otherWindow and GWL_STYLE=WS_CHILD, a local attacker can escalate his privileges.

A local attacker can therefore call NtSetWindowLongPtr() on Windows, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Windows 2016: