Rapid7 Vulnerability & Exploit Database

MS16-026: Security Update for Graphic Fonts to Address Remote Code Execution (3143148)

Free InsightVM Trial No Credit Card Necessary

Watch Demo See how it all works

Back to Search

MS16-026: Security Update for Graphic Fonts to Address Remote Code Execution (3143148)

Severity

CVSS

(AV:N/AC:M/Au:N/C:C/I:C/A:C)

Published

03/08/2016

Created

07/25/2018

Added

03/08/2016

Modified

11/18/2021

Description

A denial of service vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts. For all systems except Windows 10, an attacker who successfully exploited the vulnerability could cause a denial of service condition. For systems running Windows 10, an attacker who successfully exploited the vulnerability could potentially cause the application to stop responding instead of the system.

Solution(s)

WINDOWS-HOTFIX-MS16-023-0c7e9829-cc88-4af8-ae95-e2823ab2cbfa
WINDOWS-HOTFIX-MS16-023-3f5f2fab-88aa-4fbf-975d-94424a363208
WINDOWS-HOTFIX-MS16-023-62cef694-cd47-4d46-be15-e0a592991d07
WINDOWS-HOTFIX-MS16-023-a52756d1-e676-45c3-8fa3-af607ba9a62e
WINDOWS-HOTFIX-MS16-026-04ea041f-63e1-4c25-b357-be79c6a29660
WINDOWS-HOTFIX-MS16-026-18c3ca8c-b318-4604-9e36-6c62b80a23d5
WINDOWS-HOTFIX-MS16-026-3d6c8197-3c4f-46dd-bd97-25028ce9308f
WINDOWS-HOTFIX-MS16-026-3fe4312b-b370-4464-aa46-498a94e81961
WINDOWS-HOTFIX-MS16-026-4b308ba7-4422-4c64-9cd5-9ee72547adaf
WINDOWS-HOTFIX-MS16-026-4f41d8b6-a158-4670-ab0c-2cd56600b88a
WINDOWS-HOTFIX-MS16-026-57e66200-26e7-4996-8096-dea63cd087fa
WINDOWS-HOTFIX-MS16-026-5ea8b325-9bb6-45d8-a388-2e77601f506b
WINDOWS-HOTFIX-MS16-026-5f6d7431-c76e-435a-9e1a-d829fff2523b
WINDOWS-HOTFIX-MS16-026-73ece136-fb60-4335-b2fd-1b98aa3c0637
WINDOWS-HOTFIX-MS16-026-792375c2-bc6a-4f53-a0f4-b4a7f59b087f
WINDOWS-HOTFIX-MS16-026-7d2ea465-0534-4147-8e11-01cc1c896aa3
WINDOWS-HOTFIX-MS16-026-9d4be710-ecc9-4e8b-b1ff-a93a6624c789
WINDOWS-HOTFIX-MS16-026-b513bf12-468b-4718-a841-1165a38a501d
WINDOWS-HOTFIX-MS16-026-bf86e51d-964b-48aa-b532-4350232cc79f
WINDOWS-HOTFIX-MS16-026-d06c3248-ff7e-4fc8-bf80-c48365450b91
WINDOWS-HOTFIX-MS16-026-e46e824c-a60b-4196-bb81-2066ccf97aac
WINDOWS-HOTFIX-MS16-026-ed5637b8-19ec-44d9-a19c-1918e41d75e8

References

https://attackerkb.com/topics/cve-2016-0120
84027
84071
CVE - 2016-0120
CVE - 2016-0121
MS16-026
3143148

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

MS16-026: Security Update for Graphic Fonts to Address Remote Code Execution (3143148)

MS16-026: Security Update for Graphic Fonts to Address Remote Code Execution (3143148)

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.