Threat Advisories - NVD Disclosed October 14, 2016

CVE-2016-7193

Microsoft Office RTF Document Vulnerability

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

Microsoft Office is vulnerable to code execution via crafted RTF documents. This presents a risk to organizations if employees open malicious files, potentially leading to system compromise and data exposure.

NVD published: October 14, 2016 • CISA KEV

CVE advisoryKnown Exploit

CVE-2016-3393

Windows GDI Remote Code Execution Vulnerability

Halo Surface Signal: 3 out of 5 — possibly public-facing.

A vulnerability in the Windows Graphics Device Interface allows remote attackers to execute arbitrary code via a crafted website. Exploitation could grant attackers control over affected systems, posing a business risk of data compromise and operational disruption. Affected organizations should identify and remediate i

NVD published: October 14, 2016 • CISA KEV

CVE advisoryKnown Exploit

CVE-2016-3298

Internet Explorer Information Disclosure Vulnerability.

Halo Surface Signal: 3 out of 5 — possibly public-facing.

Microsoft Internet Explorer and the Windows Messaging API can be exploited to reveal the existence of arbitrary files. This weakness could enable attackers to discover sensitive information on affected systems, posing a business risk of unauthorized access and potential reconnaissance.

NVD published: October 14, 2016 • CISA KEV