JSON View XML View

Key Value
MTID M115537
Title (MS16-137) Microsoft Windows Virtual Secure Mode Information Disclosure (3199173)
Description A vulnerability in some versions of Microsoft Windows could lead to information disclosure.
Observation A vulnerability in some versions of Microsoft Windows could lead to information disclosure.

The flaw lies in the Virtual Secure Mode component. Successful exploitation by a remote attacker could result in the disclosure of sensitive information.The exploit requires the attacker to have valid credentials to the vulnerable system.
Recommendation The vendor has released an update to address this issue.

https://technet.microsoft.com/library/security/MS16-137

Superseded patch information:

The patches for the following products are superseded by patches provided in: MS17-001
- Cumulative Update for Windows 10 (KB3210720): KB3210720
- Cumulative Update for Windows 10 Version 1511 (KB3210721): KB3210721
- Cumulative Update for Windows 10 Version 1511 for x64-based Systems (KB3210721): KB3210721
- Cumulative Update for Windows 10 Version 1607 (KB3213986): KB3213986

The patches for the following products are superseded by patches provided in: MS17-004
- Microsoft Windows Server 2008: KB3216775
- Microsoft Windows Server 2008 for x64-based Systems: KB3216775
- Microsoft Windows Vista: KB3216775
- Microsoft Windows Vista for x64-based Systems: KB3216775

https://technet.microsoft.com/library/security/MS17-001
https://technet.microsoft.com/library/security/MS17-004

Vendor Microsoft
Attack Vector Malicious remote network traffic
Importance 5
Impact 2.8627500
Threat Score 2.11
Labels
Patch Tuesday
References
CVECVE-2016-7220
MSFTBulletinMS16-137
MSFTQNumber3199173
DISA IAVA2016-B-0163
MTIDM115537
CPEs
cpe:/o:microsoft:windows_10
cpe:/o:microsoft:windows_10:::x64
Created At 2016-11-08 00:00:00 UTC
Updated At 2017-02-16 15:09:50 UTC

Back