CVE Number | Vulnerability | Product | Severity | Date |
---|---|---|---|---|
MS16-007 | Security Update for Microsoft Windows to Address Remote Code Execution (3124901) | Windows Vista | Important | 13-01-2016 |
Technical Information
Brief overview of the risk:
Multiple elevation of privilege vulnerabilities exist when Windows improperly validates input before loading dynamic link library (DLL) files. An attacker who successfully exploited the vulnerabilities could elevate their privileges on a targeted system.
Detailed Information on the risk:
A remote code execution vulnerability exists when Microsoft DirectShow improperly validates user input. An attacker who successfully exploited this vulnerability could cause arbitrary code to execute in the context of the current user. If a user is logged on with administrative user rights, an attacker could take complete control of the affected system.
Windows Vista x64 Edition Service Pack 2 Further information on this exploit is available at : MS16-007
Windows Vista Service Pack 2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 and Windows Server 2012 R2
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows 8.1 for x64-based Systems
Windows 8.1 for 32-bit Systems
Windows 8 for x64-based Systems
Windows 8 for 32-bit Systems
Windows 7 for x64-based Systems Service Pack 1
Windows 7 for 32-bit Systems Service Pack 1
Windows 10 Version 1511 for 32-bit Systems
Affected Software
Windows Vista x64 Edition Service Pack 2Windows Vista Service Pack 2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 and Windows Server 2012 R2
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows 8.1 for x64-based Systems
Windows 8.1 for 32-bit Systems
Windows 8 for x64-based Systems
Windows 8 for 32-bit Systems
Windows 7 for x64-based Systems Service Pack 1
Windows 7 for 32-bit Systems Service Pack 1
Windows 10 Version 1511 for 32-bit Systems