Executive Summary

Summary
TitleSecurity Update for Windows Print Spooler Components (3170005)
Informations
NameMS16-087First vendor Publication2016-07-12
VendorMicrosoftLast vendor Modification2017-09-12
Severity (Vendor) N/ARevision2.0

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score9.3Attack RangeNetwork
Cvss Impact Score10Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Severity Rating: Critical
Revision Note: V2.0 (September 12, 2017): To address known issues with the 3170455 update for CVE-2016-3238, Microsoft has made available the following updates for currently-supported versions of Microsoft Windows: ? Rereleased update 3170455 for Windows Server 2008 ? Monthly Rollup 4038777 and Security Update 4038779 for Windows 7 and Windows Server 2008 R2 ? Monthly Rollup 4038799 and Security Update 4038786 for Windows Server 2012 ? Monthly Rollup 4038792 and Security Update 4038793 for Windows 8.1 and Windows Server 2012 R2 ? Cumulative Update 4038781 for Windows 10 ? Cumulative Update 4038781 for Windows 10 Version 1511 ? Cumulative Update 4038782 for Windows 10 Version 1607 and Windows Server 2016. Microsoft recommends that customers running Windows Server 2008 reinstall update 3170455. Microsoft recommends that customers running other supported versions of Windows install the appropriate update. See Microsoft Knowledge Base Article 3170005 (https://support.microsoft.com/en-us/help/3170005) for more information.
Summary: This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if an attacker is able to execute a man-in-the-middle (MiTM) attack on a workstation or print server, or sets up a rogue print server on a target network.

Original Source

Url : https://technet.microsoft.com/en-us/library/security/MS16-087

CWE : Common Weakness Enumeration

%idName
50 %CWE-264Permissions, Privileges, and Access Controls
50 %CWE-254Security Features

CPE : Common Platform Enumeration

TypeDescriptionCount
Os2
Os1
Os1
Os1
Os2
Os2
Os1

Nessus® Vulnerability Scanner

DateDescription
2016-07-12Name : The remote Windows host is affected by multiple vulnerabilities.
File : smb_nt_ms16-087.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
DateInformations
2017-09-13 17:23:10
  • Multiple Updates
2017-09-13 17:18:03
  • Multiple Updates
2016-07-13 21:26:01
  • Multiple Updates
2016-07-13 13:25:48
  • Multiple Updates
2016-07-13 09:25:28
  • Multiple Updates
2016-07-12 21:31:34
  • Multiple Updates
2016-07-12 21:23:39
  • First insertion