Executive Summary

Summary
TitleSecurity Update for Microsoft Windows (3205655)
Informations
NameMS16-149First vendor Publication2016-12-13
VendorMicrosoftLast vendor Modification2017-08-23
Severity (Vendor) N/ARevision1.1

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score7.2Attack RangeLocal
Cvss Impact Score10Attack ComplexityLow
Cvss Expoit Score3.9AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Severity Rating: Important
Revision Note: V1.1 (August 23, 2017): Corrected the Updates Replaced for security update 3196726 to None. This is an informational change only. Customers who have already successfully installed the update do not need to take any further action.
Summary: This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow elevation of privilege if a locally authenticated attacker runs a specially crafted application.

Original Source

Url : https://technet.microsoft.com/en-us/library/security/MS16-149

CWE : Common Weakness Enumeration

%idName
50 %CWE-200Information Exposure
50 %CWE-19Data Handling

CPE : Common Platform Enumeration

TypeDescriptionCount
Os3
Os2
Os1
Os2
Os3
Os4
Os2
Os2

Snort® IPS/IDS

DateDescription
2017-01-10Microsoft Windows MSIEXEC privilege escalation attempt
RuleID : 40985 - Revision : 2 - Type : OS-WINDOWS
2017-01-10Microsoft Windows MSIEXEC privilege escalation attempt
RuleID : 40984 - Revision : 2 - Type : OS-WINDOWS
2017-01-10Microsoft Windows ksecdd.sys kernel information disclosure attempt
RuleID : 40956 - Revision : 2 - Type : OS-WINDOWS
2017-01-10Microsoft Windows ksecdd.sys kernel information disclosure attempt
RuleID : 40955 - Revision : 2 - Type : OS-WINDOWS
2017-01-10Microsoft Windows ksecdd.sys kernel information disclosure attempt
RuleID : 40954 - Revision : 2 - Type : OS-WINDOWS
2017-01-10Microsoft Windows ksecdd.sys kernel information disclosure attempt
RuleID : 40953 - Revision : 2 - Type : OS-WINDOWS

Nessus® Vulnerability Scanner

DateDescription
2016-12-14Name : The remote Windows host is affected multiple vulnerabilities.
File : smb_nt_ms16-149.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
DateInformations
2017-08-23 21:25:34
  • Multiple Updates
2017-08-23 21:17:59
  • Multiple Updates
2016-12-21 17:25:10
  • Multiple Updates
2016-12-20 12:05:28
  • Multiple Updates
2016-12-15 13:25:11
  • Multiple Updates
2016-12-13 21:26:52
  • Multiple Updates
2016-12-13 21:18:08
  • First insertion