Microsoft Windows VBScript Engine Memory Corruption Vulnerability Fixed by MS16-104 and MS16-116


Description   (#A memory corruption was reported in the inter-process communication mechanism OLE Automation for VBScript scripting engine in Microsoft Windows.#A remote attacker could exploit it by enticing their victim into browsing a malicious website in order to execute arbitrary code with victim's rights.##This vulnerability stems from an improper handling of objects in memory.#Updated, 16/09/2016:#Further information is available about this vulnerability:#- use-after-free within the use of the IDispatch interface in Microsoft XML Core Services (MSXML).)
     
Vulnerable Products   Vulnerable OS:
Windows 10 (Microsoft) - 1511 32-bit Systems, 1511 64-bit Systems, 1607 32-bit Systems, 1607 64-bit Systems, 32-bit Systems, 64-bit SystemsWindows 2008 (Microsoft) - Itanium-based Server SP2, Server SP2, X64 Edition SP2Windows 2008 R2 (Microsoft) - Itanium systems SP1, X64-systems SP1Windows 2012 (Microsoft) - ServerWindows 2012 R2 (Microsoft) - ServerWindows 7 (Microsoft) - 32-bit systems SP1, X64 systems SP1Windows 8 (Microsoft) - 8.1 32-bit Systems, 8.1 64-bit SystemsWindows Vista (Microsoft) - 32 bits SP2, X64 Edition SP2Vulnerable Software:
Internet Explorer (Microsoft) - 10, 11, 11, 11, 11, ..., 11, 9.0, 9.0, 9.0, 9.0
     
Solution   Microsoft has released security bulletins MS16-104 and MS16-116 which fix this vulnerability and replace bulletins MS14-064 and MS16-095.
     
CVE   CVE-2016-3375
     
References   - MS16-104 : Cumulative Security Update for Internet Explorer
https://technet.microsoft.com/library/en-us/security/MS16-104
- MS16-116 : Security Update in OLE Automation for VBScript Scripting Engine
https://technet.microsoft.com/en-us/library/security/MS16-116
- ZDI : Microsoft Windows MSXML IDispatch Use-After-Free Information Disclosure Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-16-512/
     
Vulnerability Manager Detection   No
     
IPS Protection  
ASQ Engine alarm Available Since
Web 2.0 : Detection of visual basic script embedded in web page
5.0.0
     


 
 
 
 
 Risk level 
High 

 Vulnerability First Public Report Date 
2016-09-13 

 Target Type 
Client 

 Possible exploit 
Remote