Msrc Windows 10 For X64-Based Systems vulnerabilities

CVE-2016-3203 [MEDIUM] Windows PDF Remote Code Execution Windows PDF Remote Code Execution Description: A remote code execution vulnerability exists in Microsoft Windows if a user opens a specially crafted .pdf file. An attacker who successfully exploited the vulnerabilities could cause arbitrary code to execute in the context of the current user. If a user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install program

CVE-2016-3201 [MEDIUM] Windows PDF Information Disclosure Vulnerability Windows PDF Information Disclosure Vulnerability Description: An information disclosure vulnerability exists in Microsoft Windows when a user opens a specially crafted PDF file. An attacker who successfully exploited the vulnerability could read memory in the context of the current user. To exploit the vulnerability, an attacker would have to trick the user into opening the PDF file. The update addresses the vulnerability b

CVE-2016-3230 [MEDIUM] Windows Search Denial of Service Vulnerability Windows Search Denial of Service Vulnerability Description: This vulnerability occurs when the Windows Search component fails to properly handle certain objects in memory. An attacker who successfully exploited this vulnerability could cause server performance to degrade sufficiently to cause a denial of service condition. To exploit this vulnerability, an attacker could use it to cause a denial of service attack and disrupt

CVE-2016-3219 [HIGH] Win32k Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnera

CVE-2016-3231 [HIGH] Windows Diagnostics Hub Elevation of Privilege Vulnerability Windows Diagnostics Hub Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists when the Windows Diagnostics Hub Standard Collector Service fails to properly sanitize input, leading to an unsecure library-loading behavior. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install progra

CVE-2016-0182 [HIGH] Windows Journal Memory Corruption Vulnerability Windows Journal Memory Corruption Vulnerability Description: A remote code execution vulnerability exists in Microsoft Windows when a specially crafted Journal file is opened in Windows Journal. An attacker who successfully exploited this vulnerability could cause arbitrary code to execute in the context of the current user. If a user is logged on with administrative user rights, an attacker could take control of the affected

CVE-2016-0179 [HIGH] Windows Shell Remote Code Execution Vulnerability Windows Shell Remote Code Execution Vulnerability Description: A remote code execution vulnerability exists when Windows Shell improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code and take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accoun

CVE-2016-0181 [MEDIUM] Hypervisor Code Integrity Security Feature Bypass Hypervisor Code Integrity Security Feature Bypass Description: A security feature bypass vulnerability exists when Windows incorrectly allows certain kernel-mode pages to be marked as Read, Write, Execute (RWX) even with Hypervisor Code Integrity (HVCI) enabled. To exploit this vulnerability, an attacker could run a specially crafted application to bypass code integrity protections in Windows. The security update addresses

CVE-2016-0176 [HIGH] DirectX Elevation of Privilege Vulnerability DirectX Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have t

CVE-2016-0090 [HIGH] Windows Hyper-V Information Disclosure Vulnerability Windows Hyper-V Information Disclosure Vulnerability Description: An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker on a guest operating system could run a specially crafted application that could cause the Hyper-V host operating system to disclose

CVE-2016-0151 [HIGH] Windows CSRSS Security Feature Bypass Vulnerability Windows CSRSS Security Feature Bypass Vulnerability Description: A security feature bypass vulnerability exists in Microsoft Windows when the Client-Server Run-time Subsystem (CSRSS) fails to properly manage process tokens in memory. An attacker who successfully exploited this vulnerability could run arbitrary code as an administrator. An attacker could then install programs; view, change, or delete data; or create new acc

CVE-2016-0150 [HIGH] HTTP.sys Denial of Service Vulnerability HTTP.sys Denial of Service Vulnerability Description: A denial of service vulnerability exists in the HTTP 2.0 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP 2.0 requests. An attacker who successfully exploited the vulnerability could create a denial of service condition, causing the target system to become unresponsive. To exploit this vulnerability, an attacker could send a specially crafted HTTP p

CVE-2016-0088 [CRITICAL] Windows Hyper-V Remote Code Execution Vulnerability Windows Hyper-V Remote Code Execution Vulnerability Description: A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary c

CVE-2016-0135 [HIGH] Secondary Logon Elevation of Privilege Vulnerability Secondary Logon Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists in Microsoft Windows when the Windows Secondary Logon Service fails to properly manage requests in memory. An attacker who successfully exploited this vulnerability could run arbitrary code as an administrator. An attacker could then install programs; view, change, or delete data; or create new accounts with fu

CVE-2016-0089 [HIGH] Windows Hyper-V Information Disclosure Vulnerability Windows Hyper-V Information Disclosure Vulnerability Description: An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker on a guest operating system could run a specially crafted application that could cause the Hyper-V host operating system to disclose

CVE-2016-0019 [HIGH] CVE-2016-0019: Impact: Security Feature Bypass Exploit Status: Publicly Disclosed:No;Exploited:No Impact: Security Feature Bypass Exploit Status: Publicly Disclosed:No;Exploited:No