CVE-2016-7195 Microsoft Cumulative Security Update for Internet Explorer (MS16-142)

Internet Explorer is a web-browser developed by Microsoft which is included in Microsoft Windows Operating Systems.

Microsoft has released Cumulative Security Updates for Internet Explorer which addresses various vulnerabilities found in Internet Explorer 9 (IE 9), Internet Explorer 10 (IE 10) and Internet Explorer 11 (IE 11). The security updated is rated Critical for affected Windows Client for Internet Explorer 9 (IE 9), Internet Explorer 10 (IE 10) and Internet Explorer 11 (IE 11) and Moderate on affected Windows Servers.

The security update addresses the vulnerabilities by fixing:

1. How Internet Explorer modifies objects in memory.

2. XSS filter to handle to Regex in Internet Explorer.

The most critical vulnerabilities would enable an attacker to perform remote code execution with the help of specially crafted webpages using Internet Explorer. Successful exploitation of the vulnerabilities will enable the attacker to gain same rights as the user. Users logged-in with administrative rights would allow the attacker to take control of the affected system and would allow the attacker to install programs; view, modify or delete data and create new user accounts with complete privileges.

For more information, Customers are advised to refer the official advisory from Microsoft (MS16-142).

Patch:
Following are links for downloading patches to fix the vulnerabilities:

MS16-142: Windows Vista Service Pack 2 (Internet Explorer 9)

MS16-142: Windows Vista x64 Edition Service Pack 2 (Internet Explorer 9)

MS16-142: Windows Server 2008 for 32-bit Systems Service Pack 2 (Internet Explorer 9)

MS16-142: Windows Server 2008 for x64-based Systems Service Pack 2 (Internet Explorer 9)

MS16-142: Windows Server 2012 Security Only (Internet Explorer 10)

MS16-142: Windows Server 2012 Monthly Roll-Up (Internet Explorer 10)

MS16-142: Windows 7 for 32-bit Systems Service Pack 1Security Only (Internet Explorer 11)

MS16-142: Windows 7 for 32-bit Systems Service Pack 1Monthly Roll Up (Internet Explorer 11)

MS16-142: Windows 7 for x64-based Systems Service Pack 1Security Only (Internet Explorer 11)

MS16-142: Windows 7 for x64-based Systems Service Pack 1Monthly Roll-Up (Internet Explorer 11)

MS16-142: Windows Server 2008 R2 for x64-based Systems Service Pack 1Security Only (Internet Explorer 11)

MS16-142: Windows Server 2008 R2 for x64-based Systems Service Pack 1Monthly Roll-Up (Internet Explorer 11)

MS16-142: Windows 8.1 for 32-bit Systems Security Only (Internet Explorer 11)

MS16-142: Windows 8.1 for 32-bit SystemsMonthly Roll-Up (Internet Explorer 11)

MS16-142: Windows 8.1 for x64-based SystemsSecurity Only (Internet Explorer 11)

MS16-142: Windows 8.1 for x64-based SystemsMonthly Roll-Up (Internet Explorer 11)

MS16-142: Windows Server 2012 R2Security Only (Internet Explorer 11)

MS16-142: Windows Server 2012 R2Monthly Roll-Up (Internet Explorer 11)

MS16-142: Windows 10 for 32-bit Systems

MS16-142: Windows 10 for x64-based Systems

MS16-142: Windows 10 Version 1511 for 32-bit Systems

MS16-142: Windows 10 Version 1511 for x64-based Systems

MS16-142: Windows 10 Version 1607 for 32 bit Systems

MS16-142: Windows 10 Version 1607 for x64-based Systems