|CERT-In Vulnerability Note
Remote Code Execution Vulnerabilities in Microsoft Windows
Original Issue Date:December 09, 2015
Severity Rating: MEDIUM
- Windows Vista SP2 and x64 Edition SP2
- Windows Server 2008 for 32-bit Systems SP2, x64-based Systems SP2 and Itanium-based Systems SP2
- Windows 7 for 32-bit Systems SP1 and x64-based Systems SP1
- Windows Server 2008 R2 for x64-based Systems SP1 and Itanium-based Systems SP1
- Windows 8 for 32-bit Systems and x64-based Systems
- Windows 8.1 for 32-bit Systems and x64-based Systems
- Windows 10 for 32-bit Systems and Version 1511 for 32-bit Systems
- Windows Server 2012
- Windows Server 2012 R2
- Windows RT
- Windows RT 8.1
- Windows Server 2008 for 32-bit Systems SP2 (Server Core installation) and x64 Edition SP2(Server Core installation)
- Windows Server 2008 R2 for x64-based Systems SP1 (Server Core installation)
- Windows Server 2012(Server Core installation)
- Windows Server 2012 R2(Server Core installation)
Multiple vulnerabilities have been reported in Microsoft Windows which could allow a remote attacker to execute arbitrary code on the targeted system.
Multiple remote code execution vulnerabilities exist in Microsoft Windows due to its failure to validate input before loading libraries. A remote attacker could exploit these vulnerabilities by running a specially crafted application on the targeted system.
Successful exploitation of these vulnerabilities could allow the attacker to execute arbitrary code with the privileges of the target user.
Apply appropriate patches as mentioned in Microsoft Security Bulletin
The information provided herein is on "as is" basis, without warranty of any kind.
Email: email@example.com Phone: +91-11-24368572
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
6, CGO Complex, Lodhi Road,
New Delhi - 110 003