漏洞信息
This security update is rated Critical for Internet Explorer 9 (IE 9), and Internet Explorer 11 (IE 11) on affected Windows clients, and Moderate for Internet Explorer 9 (IE 9), Internet Explorer 10 (IE 10), and Internet Explorer 11 (IE 11) on affected Windows servers.
The update addresses the vulnerabilities by modifying how Internet Explorer and certain functions handle objects in memory.
漏洞危害
The most severe vulnerabilities could allow remote code execution if a user views a specially crafted web page using Internet Explorer. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
解决方案
Customers are advised to refer to Microsoft Advisory MS16-095 for more details.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
MS16-095: Windows Vista Service Pack 2 (Internet Explorer 9)
MS16-095: Windows Vista x64 Edition Service Pack 2 (Internet Explorer 9)
MS16-095: Windows Server 2008 for 32-bit Systems Service Pack 2 (Internet Explorer 9)
MS16-095: Windows Server 2008 for x64-based Systems Service Pack 2 (Internet Explorer 9)
MS16-095: Windows Server 2012 (Internet Explorer 10)
MS16-095: Windows 7 for 32-bit Systems Service Pack 1 (Internet Explorer 11)
MS16-095: Windows 7 for x64-based Systems Service Pack 1 (Internet Explorer 11)
MS16-095: Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Internet Explorer 11)
MS16-095: Windows 8.1 for 32-bit Systems (Internet Explorer 11)
MS16-095: Windows 8.1 for x64-based Systems (Internet Explorer 11)
MS16-095: Windows Server 2012 R2 (Internet Explorer 11)
MS16-095: Windows 10 for 32-bit Systems
MS16-095: Windows 10 for x64-based Systems
MS16-095: Windows 10 Version 1511 for 32-bit Systems
MS16-095: Windows 10 Version 1511 for x64-based Systems
www.0daybank.org
文章评论