JSON View XML View

Key Value
MTID M116153
Title (MS16-147) Microsoft Windows Uniscribe Remote Code Execution (3204063)
Description A vulnerability in some versions of Microsoft Windows could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Windows could lead to remote code execution.

The flaw occurs in Windows due to the way Windows Uniscribe handles objects in the memory. Successful exploitation by a remote attacker could result in the execution of arbitrary code.
Recommendation The vendor has released an update to address this issue.

https://technet.microsoft.com/library/security/MS16-147

Superseded patch information:

The patches for the following products are superseded by patches provided in: MS17-001
- Cumulative Update for Windows 10 (KB3210720): KB3210720
- Cumulative Update for Windows 10 for x64-based Systems (KB3210720): KB3210720
- Cumulative Update for Windows 10 Version 1511 (KB3210721): KB3210721
- Cumulative Update for Windows 10 Version 1511 for x64-based Systems (KB3210721): KB3210721
- Cumulative Update for Windows 10 Version 1607 (KB3213986): KB3213986
- Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB3213986): KB3213986
- Cumulative Update for Windows Server 2016 for x64-based Systems (KB3213986): KB3213986

https://technet.microsoft.com/library/security/MS17-001

Vendor Microsoft
Attack Vector Website with malicious content
Importance 9
Impact 10.00084536000
Threat Score 9.33
Labels
Patch Tuesday
References
CVECVE-2016-7274
MSFTBulletinMS16-147
MSFTQNumber3204063
DISA IAVA2016-A-0352
MTIDM116153
CPEs
cpe:/o:microsoft:windows_server_2008::sp2:x64
cpe:/o:microsoft:windows_vista::sp2:x64
cpe:/o:microsoft:windows_vista::sp2
cpe:/o:microsoft:windows_7::sp1:x64
cpe:/o:microsoft:windows_server_2008:r2:sp1:x64
cpe:/o:microsoft:windows_7::sp1:x86
cpe:/o:microsoft:windows_server_2008:-:sp2:x86
cpe:/o:microsoft:windows_server_2012
cpe:/o:microsoft:windows_8.1
cpe:/o:microsoft:windows_8.1:::x64
cpe:/o:microsoft:windows_server_2012:r2
cpe:/o:microsoft:windows_rt:8.1
cpe:/o:microsoft:windows_10
cpe:/o:microsoft:windows_10:::x64
cpe:/o:microsoft:windows:10_version_1511:10_version_1511
cpe:/o:microsoft:windows:10_version_1511_x64:10_version_1511_x64
cpe:/a:microsoft:windows:10_version_1607
cpe:/a:microsoft:windows:10_version_1607::x64
cpe:/a:microsoft:windows_server:2016:x64
Created At 2016-12-13 00:00:00 UTC
Updated At 2017-02-16 15:09:52 UTC

Back