JSON View XML View

Key Value
MTID M114434
Title (MS16-106) Microsoft Windows Graphics Component GDI ASLR Bypass Information Disclosure (3185848)
Description A vulnerability in some versions of Microsoft Windows could lead to information disclosure.
Observation A vulnerability in some versions of Microsoft Windows could lead to information disclosure.

The flaw lies in the Graphics Component component. Successful exploitation by a remote attacker could result in the disclosure of sensitive information.The exploit requires the attacker to have valid credentials to the vulnerable system.
Recommendation The vendor has released an update to address this issue.

https://technet.microsoft.com/library/security/MS16-106

Superseded patch information:

The patches for the following products are superseded by patches provided in: MS16-142
- Cumulative Update for Windows 10 Version 1511 (KB3198586): KB3198586
- Cumulative Update for Windows 10 Version 1511 for x64-based Systems (KB3198586): KB3198586

https://technet.microsoft.com/library/security/MS16-142

Vendor Microsoft
Attack Vector Authenticated locally logged on user with limited privileges
Importance 5
Impact 2.8627500
Threat Score 4.3
Labels
Patch Tuesday
References
CVECVE-2016-3354
MSFTBulletinMS16-106
MSFTQNumber3185848
DISA IAVA2016-A-0240
MTIDM114434
CPEs
cpe:/o:microsoft:windows_vista:sp2
cpe:/o:microsoft:windows_server_2008::sp2
cpe:/o:microsoft:windows_server_2008::sp2:x64
cpe:/o:microsoft:windows_vista::sp2:x64
cpe:/o:microsoft:windows_7:sp1
cpe:/o:microsoft:windows_server_2008:r2:sp1:itanium
cpe:/o:microsoft:windows_7::sp1:x64
cpe:/o:microsoft:windows_server_2008::sp2:itanium
cpe:/o:microsoft:windows_server_2008:r2:sp1:x64
cpe:/o:microsoft:windows_server_2012
cpe:/o:microsoft:windows_8.1
cpe:/o:microsoft:windows_8.1:::x64
cpe:/o:microsoft:windows_server_2012:r2
cpe:/o:microsoft:windows_rt:8.1
cpe:/o:microsoft:windows_10
cpe:/o:microsoft:windows_10:::x64
cpe:/o:microsoft:windows:10_version_1511:10_version_1511
cpe:/o:microsoft:windows:10_version_1511_x64:10_version_1511_x64
cpe:/a:microsoft:windows:10_version_1607
cpe:/a:microsoft:windows:10_version_1607::x64
Created At 2016-09-13 00:00:00 UTC
Updated At 2016-11-19 10:32:04 UTC

Back