⚠ Actively exploited
Added to CISA KEV on 2021-11-03. Federal agencies required to patch by 2022-05-03. Required action: Apply updates per vendor instructions..

CVE-2016-0185Improper Input Validation in Windows 7 FOR 32-bit Systems Service Pack 1

CWE-20Improper Input Validation9 documents8 sources
Severity
7.8HIGHNVD
EPSS
82.8%
top 0.76%
CISA KEV
KEV
Added 2021-11-03
Due 2022-05-03
Exploit
Exploited in wild
Active exploitation observed
Affected products
6
Msrc Windows 7 FOR 32-bit Systems Service Pack 1Msrc Windows 7 FOR X64-based Systems Service Pack 1Msrc Windows 8.1 FOR 32-bit Systems+3 more
Timeline
PublishedMay 11
KEV addedNov 3
KEV dueMay 3
Latest updateMay 14
CISA Required Action: Apply updates per vendor instructions.

Description

Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, and Windows 8.1 allows remote attackers to execute arbitrary code via a crafted Media Center link (aka .mcl) file, aka "Windows Media Center Remote Code Execution Vulnerability."

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages6 packages

Patches

Patch: docs.microsoft.comPatch: docs.microsoft.com

🔴Vulnerability Details

2
GHSA
GHSA-76r4-g8fm-62pc: Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, and Windows 82022-05-14
VulnCheck
Microsoft Windows Media Center Remote Code Execution Vulnerability2016

💥Exploits & PoCs

1
Exploit-DB
Microsoft Windows Media Center - '.MCL' File Processing Remote Code Execution (MS16-059)2016-05-12

📋Vendor Advisories

2
CISA
Microsoft Windows Media Center Remote Code Execution Vulnerability2021-11-03
Microsoft
Windows Media Center Remote Code Execution Vulnerability2016-05-10

🕵️Threat Intelligence

3
Qualys
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR | Qualys2022-02-23
Talos
Microsoft Patch Tuesday - May 20162016-05-10
Talos
Microsoft Patch Tuesday - May 20162016-05-10