JSON View XML View

Key Value
MTID M114465
Title (MS16-116) Microsoft Windows OLE Automation Information Disclosure (3188724)
Description A vulnerability in some versions of Microsoft Windows could lead to information disclosure.
Observation A vulnerability in some versions of Microsoft Windows could lead to information disclosure.

The flaw lies in the OLE Automation component. Successful exploitation by a remote attacker could result in the disclosure of sensitive information. The exploit requires the user to open a vulnerable website, email or document.
Recommendation The vendor has released an update to address this issue.

https://technet.microsoft.com/library/security/MS16-116

Superseded patch information:

The patches for the following products are superseded by patches provided in: MS16-130
- WES09 and POSReady 2009: KB3196718
- Microsoft Windows Vista: KB3196718
- Microsoft Windows Vista for x64-based Systems: KB3196718

The patches for the following products are superseded by patches provided in: MS16-142
- November, 2016 Security Monthly Quality Rollup for Windows 7 (KB3197868): KB3197868
- November, 2016 Security Monthly Quality Rollup for Windows 7 for x64-based Systems ( (KB3197868): KB3197868
- November, 2016 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB3197868): KB3197868

The patches for the following products are superseded by patches provided in: MS16-135
- Microsoft Windows Server 2008: KB3194371
- Microsoft Windows Server 2008 x64 Edition: KB3194371

https://technet.microsoft.com/library/security/MS16-130
https://technet.microsoft.com/library/security/MS16-142
https://technet.microsoft.com/library/security/MS16-135

Vendor Microsoft
Attack Vector Website or e-mail with malicious content
Importance 5
Impact 10.00084536000
Threat Score 7.61
Labels
Patch Tuesday
References
CVECVE-2016-3375
MSFTBulletinMS16-116
MSFTQNumber3188724
DISA IAVA2016-A-0245
MTIDM114465
CPEs
cpe:/o:microsoft:windows_vista:sp2
cpe:/o:microsoft:windows_server_2008::sp2
cpe:/o:microsoft:windows_server_2008::sp2:x64
cpe:/o:microsoft:windows_vista::sp2:x64
cpe:/o:microsoft:windows_7:sp1
cpe:/o:microsoft:windows_7::sp1:x64
cpe:/o:microsoft:windows_server_2008::sp2:itanium
cpe:/o:microsoft:windows_server_2008:r2:sp1:x64
cpe:/o:microsoft:windows_server_2012
cpe:/o:microsoft:windows_8.1
cpe:/o:microsoft:windows_8.1:::x64
cpe:/o:microsoft:windows_server_2012:r2
cpe:/o:microsoft:windows_rt:8.1
cpe:/o:microsoft:windows_10
cpe:/o:microsoft:windows_10:::x64
cpe:/o:microsoft:windows:10_version_1511:10_version_1511
cpe:/o:microsoft:windows:10_version_1511_x64:10_version_1511_x64
cpe:/a:microsoft:windows:10_version_1607
cpe:/a:microsoft:windows:10_version_1607::x64
Created At 2016-09-13 00:00:00 UTC
Updated At 2016-11-19 10:32:20 UTC

Back