Microsoft Security Bulletin Coverage

March 8, 2016

Dell SonicWALL has analyzed and addressed Microsoft's security advisories for the month of Mar. 8, 2016. A list of issues reported, along with Dell SonicWALL coverage information are as follows:

MS16-023 Cumulative Security Update for Internet Explorer

  • CVE-2016-0102 Microsoft Browser Memory Corruption Vulnerability
    IPS:11490 " Internet Explorer Memory Corruption Vulnerability (MS16-023) 1"
  • CVE-2016-0103 Internet Explorer Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-0104 Internet Explorer Memory Corruption Vulnerability
    IPS: 11491 "Internet Explorer Memory Corruption Vulnerability (MS16-023) 2 "
  • CVE-2016-0105 Microsoft Browser Memory Corruption Vulnerability
    IPS: 5173 "Obfuscated ActiveX Instantiation 3"
  • CVE-2016-0106 Internet Explorer Memory Corruption Vulnerability
    IPS: 11492 "Internet Explorer Memory Corruption Vulnerability (MS16-023) 3"
  • CVE-2016-0107 Internet Explorer Memory Corruption Vulnerability
    IPS: 11493 "Internet Explorer Memory Corruption Vulnerability (MS16-023) 4"
  • CVE-2016-0108 Internet Explorer Memory Corruption Vulnerability
    IPS: 11494 "Internet Explorer Memory Corruption Vulnerability (MS16-023) 5"
  • CVE-2016-0109 Microsoft Browser Memory Corruption Vulnerability
    IPS: 11495 "Internet Explorer Memory Corruption Vulnerability (MS16-023) 6"
  • CVE-2016-0110 Microsoft Browser Memory Corruption Vulnerability
    IPS: 11497 " Internet Explorer Memory Corruption Vulnerability (MS16-023) 8"
  • CVE-2016-0111 Microsoft Browser Memory Corruption Vulnerability
    IPS: 11498 " Internet Explorer Memory Corruption Vulnerability (MS16-023) 7"
  • CVE-2016-0112 Internet Explorer Memory Corruption Vulnerability
    IPS: 11501 "Internet Explorer Memory Corruption Vulnerability (MS16-023) 10"
  • CVE-2016-0113 Internet Explorer Memory Corruption Vulnerability
    IPS: 11503 "Internet Explorer Memory Corruption Vulnerability (MS16-023) 11"
  • CVE-2016-0114 Internet Explorer Memory Corruption Vulnerability
    IPS: 11504 "Internet Explorer Memory Corruption Vulnerability (MS16-023) 12"

MS16-024 Cumulative Security Update for Microsoft Edge

  • CVE-2016-0102 Microsoft Browser Memory Corruption Vulnerability
    IPS:11490 " Internet Explorer Memory Corruption Vulnerability (MS16-023) 1"
  • CVE-2016-0105 Microsoft Browser Memory Corruption Vulnerability
    IPS: 5173 "Obfuscated ActiveX Instantiation 3"
  • CVE-2016-0109 Microsoft Browser Memory Corruption Vulnerability
    IPS: 11495 "Internet Explorer Memory Corruption Vulnerability (MS16-023) 6"
  • CVE-2016-0110 Microsoft Browser Memory Corruption Vulnerability
    IPS: 11497 "Internet Explorer Memory Corruption Vulnerability (MS16-023) 8"
  • CVE-2016-0111 Microsoft Browser Memory Corruption Vulnerability
    IPS: 11498 " Internet Explorer Memory Corruption Vulnerability (MS16-023) 7"
  • CVE-2016-0116 Microsoft Edge Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-0123 Microsoft Edge Information Disclosure Vulnerability
    IPS: 11496 "Microsoft Edge Memory Corruption Vulnerability (MS16-024) 1"
  • CVE-2016-0124 Microsoft Edge Information Disclosure Vulnerability
    IPS: 11499 "Microsoft Edge Memory Corruption Vulnerability (MS16-024) 2"
  • CVE-2016-0125 Microsoft Edge Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-0129 Microsoft Edge Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-0130 Microsoft Edge Memory Corruption Vulnerability
    There are no known exploits in the wild.

MS16-025 Security Update for Windows Library Loading to Address Remote Code Execution

  • CVE-2016-0100 Library Loading Input Validation Remote Code Execution Vulnerability
    There are no known exploits in the wild.

MS16-026 Security Updates for Graphic Fonts to Address Remote Code Execution

  • CVE-2016-0120 OpenType Font Parsing Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-0121 OpenType Font Parsing Vulnerability
    There are no known exploits in the wild.

MS16-027 Security Update for Windows Media to Address Remote Code Execution

  • CVE-2016-0098 Windows Media Player Parsing Remote Code Execution Vulnerability
    IPS: 11500 "Windows Media Player Parsing Remote Code Execution 1"
  • CVE-2016-0101 Windows Media Player Parsing Remote Code Execution Vulnerability
    IPS: 11502 "Windows Media Player Parsing Remote Code Execution 2 "

MS16-028 Security Update for Microsoft Windows PDF Library to Address Remote Code Execution

  • CVE-2016-0117 Remote Code Execution Vulnerability
    SPY: 3280 "FathFTP ActiveX RasIsConnected Method Invocation"
  • CVE-2016-0118 Remote Code Execution Vulnerability
    There are no known exploits in the wild.

MS16-029 Security Update for Microsoft Office to Address Remote Code Execution

  • CVE-2016-0021 Microsoft Office Memory Corruption Vulnerability
    SPY: 3252 "Malformed-File rtf.MP.11"
  • CVE-2016-0057 Microsoft Office Security Feature Bypass Vulnerability
    There are no known exploits in the wild.
  • CVE-2016-0134 Microsoft Office Memory Corruption Vulnerability
    There are no known exploits in the wild.

MS16-030 Security Update for Windows OLE to Address Remote Code Execution

  • CVE-2016-0091 Windows OLE Memory Remote Code Execution Vulnerability
    SPY: 2439 "Malformed-File rtf.MP.10"
  • CVE-2016-0092 Windows OLE Memory Remote Code Execution Vulnerability
    SPY: 3251 "Malformed-File rtf.MP.12"

MS16-031 Security Update for Microsoft Windows to Address Elevation of Privilege

  • CVE-2016-0087 Windows Elevation of Privilege Vulnerability
    This is a local Vulnerability.

MS16-032 Security Update for Secondary Logon to Address Elevation of Privilege

  • CVE-2016-0099 Secondary Logon Elevation of Privilege Vulnerability
    This is a local Vulnerability.

MS16-033 Security Update for Windows USB Mass Storage Class Driver to Address Elevation of Privilege

  • CVE-2016-0133 USB Mass Storage Elevation of Privilege Vulnerability
    There are no known exploits in the wild.

MS16-034 Security Update for Windows Kernel-Mode Drivers to Address Elevation of Privilege

  • CVE-2016-0093 Win32k Elevation of Privilege Vulnerability
    This is a local Vulnerability.
  • CVE-2016-0094 Win32k Elevation of Privilege Vulnerability
    This is a local Vulnerability.
  • CVE-2016-0095 Win32k Elevation of Privilege Vulnerability
    This is a local Vulnerability.
  • CVE-2016-0096 Win32k Elevation of Privilege Vulnerability
    This is a local Vulnerability.

MS16-035 Security Update for .NET Framework to Address Security Feature Bypass

  • CVE-2016-0035 .NET XML Validation Security Feature Bypass
    There are no known exploits in the wild.