Security Advisory - May 11, 2016

Zscaler Protects against Multiple Security Vulnerabilities in Internet Explorer, Microsoft Edge, Microsoft Graphics Component, Microsoft RPC and Windows Kernel-Mode Drivers.

 

 

Zscaler, working with Microsoft through their MAPP program, has proactively deployed protections for the following 15 vulnerabilities included in the May 2016 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the May release and deploy additional protections as necessary.

MS16-051 – Cumulative Security Update for Internet Explorer

Severity: Critical 

Affected Software

Internet Explorer 9-11

CVE-2016-0187 – Scripting Engine Memory Corruption Vulnerability

CVE-2016-0192 – Microsoft Browser Memory Corruption Vulnerability

CVE-2016-0194 – Internet Explorer Information Disclosure Vulnerability

Description: This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

 

MS16-052 – Cumulative Security Update for Microsoft Edge

Severity: Critical

Affected Software

Microsoft Edge

CVE-2016-0191 – Microsoft Edge Memory Corruption Vulnerability

CVE-2016-0192 – Microsoft Browser Memory Corruption Vulnerability

CVE-2016-0193 – Scripting Engine Memory Corruption Vulnerability

 

Description: This security update resolves vulnerabilities in Microsoft Edge. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users with administrative user rights.

 

MS16-055 – Security Update for Microsoft Graphics Component 

Severity: Critical

Affected Software

Windows Vista SP2

Windows Server 2008 SP2

Windows 7 SP1

Windows Server 2008 R2 SP1

Windows 8.1

Windows Server 2012 and Windows Server 2012 R2

Windows RT 8.1

Windows 10

CVE-2016-0170 – Windows Graphics Component RCE Vulnerability

CVE-2016-0184 – Direct3D Use After Free Vulnerability

Description: This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted document or visits a specially crafted website. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

 

MS16-061 – Security Update for Microsoft RPC

Severity: Important

Affected Software

Windows Vista 

Windows Server 2008

Windows Server 2008 R2

Windows 8.1

Windows Server 2012 and Windows Server 2012 R2

Windows RT 8.1

Windows 10

CVE-2016-0178 – RPC Network Data Representation Engine Elevation of Privilege Vulnerability

 

Description: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker with physical access inserts a specially crafted USB device into the system.

 

MS16-062 – Security Update for Windows Kernel-Mode Drivers

Severity: Important

Affected Software

Windows Vista SP2

Windows Server 2008

Windows 7 SP1

Windows Server 2008 R2 SP1

Windows 8.1

Windows Server 2012 and Windows Server 2012 R2

Windows RT 8.1

Windows 10

CVE-2016-0171 – Win32k Elevation of Privilege Vulnerability

CVE-2016-0172 – Win32k Elevation of Privilege Vulnerability

CVE-2016-0173 – Win32k Elevation of Privilege Vulnerability

CVE-2016-0174 – Win32k Elevation of Privilege Vulnerability

CVE-2016-0175 – Win32k Elevation of Privilege Vulnerability

CVE-2016-0176 – Microsoft DirectX Graphics Kernel Subsystem Elevation of Privilege Vulnerability

CVE-2016-0196 – Win32k Elevation of Privilege Vulnerability

Description: This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application.