CVE-2016-0185

Confirmed PUBLISHED

Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, and Windows 8.1 allows remote attackers to execute arbitrary code via a crafted Media...

Microsoft · Windows
Exploited in the wild

Recommended Action

Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.

Confidence
Confirmed
Exploitation Status
Exploited in the wild
Observed in Sensors
No
Attempts (30d)
Unique Attacker IPs
CISA KEV
In CISA KEV
CVSS / EPSS
7.8 High

At a Glance

Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, and Windows 8.1 allows remote attackers to execute arbitrary code via a crafted Media Center link (aka .mcl) file, aka "Windows Media Center Remote Code Execution Vulnerability."

cisa windows
CVE Published
May 11, 2016
Exploitation Reported
Nov 03, 2021
CVSS
7.8 High
EPSS
Low complexity Unauthenticated

Affected Versions

Vendor Product Version Status
n/a
n/a

n/a

Affected

CVE References

  • MS16-059 docs.microsoft.com · Vendor Advisory https://docs.microsoft.com/en-us/security-updates/securitybulletins/2...
  • 39805 exploit-db.com · Exploit https://www.exploit-db.com/exploits/39805/
  • 90023 securityfocus.com · VDB Entry http://www.securityfocus.com/bid/90023
  • 1035832 securitytracker.com · VDB Entry http://www.securitytracker.com/id/1035832
  • zerodayinitiative.com/advisories/ZDI-16-277 zerodayinitiative.com · CVE Record http://www.zerodayinitiative.com/advisories/ZDI-16-277

Recommended Actions

  • Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.
  • Use the Pro API to automate enrichment, telemetry, and workflow delivery for VM, SOC, and CTI pipelines.