|
|||
Rule General Information |
---|
Release Date: | 2016-03-18 | |
Rule Name: | FILE-OTHER Foxit Reader Phoneinfo.dll Insecure Library Loading Vulnerability -2 (CVE-2016-0041) | |
Severity: | ||
CVE ID: | ||
Rule Protection Details |
---|
Description: | Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold and 1511, and Internet Explorer 10 and 11 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka "DLL Loading Remote Code Execution Vulnerability." | |
Impact: | An attacker can execute arbitrary code via a successful exploit in the context of the vulnerable software. | |
Affected OS: | Windows | |
Reference: | MicrosoftSecurityBulletin:MS16-009 MicrosoftSecurityBulletin:MS16-014 SecurityTrackerID:1034971 SecurityTrackerID:1034985 |
|
Solutions |
---|
Microsoft has released a patch MS16-009 to eliminate the vulnerability. The patch can be downloaded at http://technet.microsoft.com/security/bulletin/MS16-009 |