Sid 1-38770

Summary:

    BROWSER-IE Microsoft Internet Explorer CreateColorSpace vulnerability attempt

Impact:

    Confidentiality Impact: PARTIAL Integrity Impact: NONE Availability Impact: NONE

Detailed Information:

    GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to obtain sensitive information via a crafted document, aka "Windows Graphics Component Information Disclosure Vulnerability," a different vulnerability than CVE-2016-0169.

Affected Systems:

    microsoft windows server 2012 r2
    microsoft windows rt 8.1
    microsoft windows server 2012
    microsoft windows 10
    microsoft windows 8.1
    microsoft windows 7 sp1
    microsoft windows server 2008 r2 sp1
    microsoft windows vista sp2
    microsoft windows 10 1511
    microsoft windows server 2008 sp2

Attack Scenarios:

    No data available

False Positives:

    None known

False Negatives:

    None known

Corrective Action:

    Upgrade to the latest non-affected version
    Apply vendor-provided patches

Contributors:

    No data available

Additional References:

  • 2016-0168
  • ###ms16-055
      http://technet.microsoft.com/en-us/security/bulletin/ms16-055