CVE-2016-0188
published 2016-05-11CVE-2016-0188: The User Mode Code Integrity (UMCI) implementation in Device Guard in Microsoft Internet Explorer 11 allows remote attackers to bypass a code-signing…
PriorityP356high8.8CVSS 3.0
AVNACLPRNUIRSUCHIHAH
EPSS
18.33%
96.9th percentile
The User Mode Code Integrity (UMCI) implementation in Device Guard in Microsoft Internet Explorer 11 allows remote attackers to bypass a code-signing protection mechanism via unspecified vectors, aka "Internet Explorer Security Feature Bypass."
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | internet_explorer | — | — |
| msrc | internet_explorer_11_on_windows_10_for_32-bit_systems | — | — |
| msrc | internet_explorer_11_on_windows_10_for_x64-based_systems | — | — |
CVSS provenance
nvdv3.08.8HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
vendor_msrc8.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Microsoft
Internet Explorer Security Feature Bypass Vulnerability
vendor_msrc·2016-05-10·CVSS 8.8
CVE-2016-0188 [HIGH] Internet Explorer Security Feature Bypass Vulnerability
Internet Explorer Security Feature Bypass Vulnerability
Description: A security feature bypass vulnerability exists when Internet Explorer fails to validate User Mode Code Integrity (UMCI) policies. The vulnerability could allow an attacker to bypass Device Guard UMCI policies.
To exploit the vulnerability, a user could either visit a malicious website or an attacker with access to the system could run a specially crafted application. An attacker could then leverage the vulnerability to run unsigned malicious code as though it were signed by a trusted source.
The update addresses the vulnerability by correcting how Internet Explorer validates UMCI policies.
FAQ: I am running Internet Explorer on Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, or Windows Server 2012 R2.
GHSA
GHSA-57mm-6wpf-wch6: The User Mode Code Integrity (UMCI) implementation in Device Guard in Microsoft Internet Explorer 11 allows remote attackers to bypass a code-signing
ghsa_unreviewed·2022-05-14
CVE-2016-0188 [HIGH] CWE-284 GHSA-57mm-6wpf-wch6: The User Mode Code Integrity (UMCI) implementation in Device Guard in Microsoft Internet Explorer 11 allows remote attackers to bypass a code-signing
The User Mode Code Integrity (UMCI) implementation in Device Guard in Microsoft Internet Explorer 11 allows remote attackers to bypass a code-signing protection mechanism via unspecified vectors, aka "Internet Explorer Security Feature Bypass."
No detection rules found.
No public exploits indexed.
Talos
Microsoft Patch Tuesday - May 2016
blogs_talos·2016-05-10·CVSS 7.5
[HIGH] Microsoft Patch Tuesday - May 2016
## Microsoft Patch Tuesday - May 2016
This post is authored by Holger Unterbrink .
Patch Tuesday for May 2016 has arrived where Microsoft releases their monthly set of security bulletins designed to address security vulnerabilities within their products. This month's release contains 16 bulletins addressing 33 vulnerabilities. Eight bulletins are rated critical, addressing vulnerabilities in Edge, Internet Explorer, Office, Graphic Components, VBScript, and Windows Shell. The remaining bulletins are rated important and address vulnerabilities in Internet Explorer, Office, Windows Kernel, IIS, Media Center, Hyper-V, .NET, and several other Windows components.
## Bulletins Rated Critical Vulnerabilities in Microsoft bulletins MS16-051 through MS16-057 and MS16-064 are rated as critical in
Talos
Microsoft Patch Tuesday - May 2016
blogs_talos·2016-05-10·CVSS 7.5
[HIGH] Microsoft Patch Tuesday - May 2016
This post is authored by Holger Unterbrink.
Patch Tuesday for May 2016 has arrived where Microsoft releases their monthly set of security bulletins designed to address security vulnerabilities within their products. This month's release contains 16 bulletins addressing 33 vulnerabilities. Eight bulletins are rated critical, addressing vulnerabilities in Edge, Internet Explorer, Office, Graphic Components, VBScript, and Windows Shell. The remaining bulletins are rated important and address vulnerabilities in Internet Explorer, Office, Windows Kernel, IIS, Media Center, Hyper-V, .NET, and several other Windows components.
## Bulletins Rated CriticalVulnerabilities in Microsoft bulletins MS16-051 through MS16-057 and MS16-064 are rated as critical in this month's release.
MS16-051and MS16-
http://www.securityfocus.com/bid/90003http://www.securitytracker.com/id/1035820https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-051http://www.securityfocus.com/bid/90003http://www.securitytracker.com/id/1035820https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-051
2016-05-11
Published