JSON View XML View

Key Value
MTID M114429
Title (MS16-104) Microsoft Browser Information Disclosure (3183038)
Description A vulnerability in some versions of Microsoft Browser could lead to information disclosure.
Observation A vulnerability in some versions of Microsoft Browser could lead to information disclosure.

The flaw occurs in the way that affected Microsoft browsers handle cross-origin requests. Successful exploitation by a remote attacker could result in the disclosure of sensitive information.
Recommendation The vendor has released an update to address this issue.

https://technet.microsoft.com/library/security/MS16-104

Superseded patch information:

The patches for the following products are superseded by patches provided in: MS16-142
- Cumulative Update for Windows 10 (KB3198585): KB3198585
- Cumulative Update for Windows 10 Version 1511 (KB3198586): KB3198586
- Cumulative Update for Windows 10 Version 1511 for x64-based Systems (KB3198586): KB3198586
- Cumulative Update for Windows 10 Version 1607 (KB3200970): KB3200970
- Microsoft Internet Explorer 8 for WES09 and POSReady 2009: KB3197655
- Microsoft Internet Explorer 9 for Windows Server 2008: KB3197655
- Microsoft Internet Explorer 9 for Windows Server 2008 x64 Edition: KB3197655
- Microsoft Internet Explorer 9 for Windows Vista: KB3197655
- Microsoft Internet Explorer 9 for Windows Vista for x64-based Systems: KB3197655
- November, 2016 Security Monthly Quality Rollup for Windows 7 (KB3197868): KB3197868
- November, 2016 Security Monthly Quality Rollup for Windows 7 for x64-based Systems ( (KB3197868): KB3197868
- November, 2016 Security Monthly Quality Rollup for Windows 8.1 (KB3197874): KB3197874
- November, 2016 Security Monthly Quality Rollup for Windows 8.1 for x64-based Systems (KB3197874): KB3197874
- November, 2016 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB3197868): KB3197868
- November, 2016 Security Monthly Quality Rollup for Windows Server 2012 (KB3197877): KB3197877
- November, 2016 Security Monthly Quality Rollup for Windows Server 2012 R2 (KB3197874): KB3197874

The patches for the following products are superseded by patches provided in: MS16-118
- Cumulative Update for Windows Server 2016 Technical Preview 5 for x64-based Systems (KB3195038): KB3195038

The patches for the following products are superseded by patches provided in: MS16-125
- Cumulative Update for Windows 10 for x64-based Systems (KB3192440): KB3192440
- Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB3194798): KB3194798
- Cumulative Update for Windows Server 2016 for x64-based Systems (KB3194798): KB3194798

https://technet.microsoft.com/library/security/MS16-142
https://technet.microsoft.com/library/security/MS16-118
https://technet.microsoft.com/library/security/MS16-125

Vendor Microsoft
Attack Vector Website or e-mail with malicious content
Importance 5
Impact 2.8627500
Threat Score 2.57
Labels
Patch Tuesday
References
CVECVE-2016-3291
MSFTBulletinMS16-104
MSFTQNumber3183038
DISA IAVA2016-A-0238
MTIDM114429
CPEs
cpe:/a:microsoft:ie:11
Created At 2016-09-13 00:00:00 UTC
Updated At 2016-11-19 10:32:35 UTC

Back