JSON View XML View

Key Value
MTID M115503
Title (MS16-132) Microsoft Windows Media Foundation Memory Corruption Vulnerability (3199120)
Description A vulnerability in some versions of Microsoft Windows could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Windows could lead to remote code execution.

The flaw lies in the Media Foundation component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the attacker to have valid credentials to the vulnerable system.
Recommendation The vendor has released an update to address this issue.

https://technet.microsoft.com/library/security/MS16-132

Superseded patch information:

The patches for the following products are superseded by patches provided in: MS17-001
- Cumulative Update for Windows 10 (KB3210720): KB3210720
- Cumulative Update for Windows 10 Version 1511 (KB3210721): KB3210721
- Cumulative Update for Windows 10 Version 1511 for x64-based Systems (KB3210721): KB3210721
- Cumulative Update for Windows 10 Version 1607 (KB3213986): KB3213986

https://technet.microsoft.com/library/security/MS17-001

Vendor Microsoft
Attack Vector Malicious remote network traffic
Importance 5
Impact 10.00084536000
Threat Score 9.33
Labels
Patch Tuesday
References
CVECVE-2016-7217
MSFTBulletinMS16-132
MSFTQNumber3199120
DISA IAVA2016-A-0318
MTIDM115503
CPEs
cpe:/o:microsoft:windows_server_2012
cpe:/o:microsoft:windows_8.1
cpe:/o:microsoft:windows_8.1:::x64
cpe:/o:microsoft:windows_server_2012:r2
cpe:/o:microsoft:windows_rt:8.1
cpe:/o:microsoft:windows_10
cpe:/o:microsoft:windows_10:::x64
cpe:/a:microsoft:windows_server:2016
Created At 2016-11-08 00:00:00 UTC
Updated At 2017-02-16 15:09:50 UTC

Back