MS16-122: Description of the security update for Microsoft video control: October 11, 2016

Summary
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if the Microsoft video control fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. However, an attacker must first convince a user to open a specially crafted file or a program from either a webpage or an email message.

To learn more about the vulnerability, see Microsoft Security Bulletin MS16-122.
More information
Important

  • If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.
How to obtain and install the update

Method 1: Windows Update

This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, get security updates automatically.

Method 2: Microsoft Update Catalog

To get the stand-alone package for this update, go to the Microsoft Update Catalog website.

Method 3: Microsoft Download Center

You can obtain the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.

Click the download link in Microsoft Security Bulletin MS16-122 that corresponds to the version of Windows that you are running.
More information

How to obtain help and support for this security update

Help for installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help for protecting your Windows-based computer from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support
File Information

File hash information

File nameSHA1 hashSHA256 hash
Windows6.0-KB3190847-x86.msu86CA9546970614CC0B14E0B6F9C14C56833A18A2863552211E1FE0C3D15ED87B3855AB59064B6CA0916D70D5E4DCD52EBCA4214A
Windows6.0-KB3190847-x64.msuE8B1DF27393C69EAC15446777D710A2E143F89CE554A3AC05A75BF61BC62EA8775EE1DCEA4897BBED5535310409A0AFF39628E86

File information

The English (United States) version of this software update installs files that have the attributes that are listed in the following tables.

Windows Vista file information

Notes

  • The files that apply to a specific product, milestone (RTM, SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:
    Version Product Milestone Service branch
    6.0.600 2.19xxxWindows VistaSP2GDR
    6.0.600 2.23xxxWindows VistaSP2LDR
  • GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.
  • The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.


For all supported x86-based versions
File nameFile versionFile sizeDateTimePlatform
Msvidctl.dll6.5.6002.196891,544,70403-Sep-201615:50x86
Msvidctl.dll6.5.6002.240141,544,70430-Aug-201615:17x86


For all supported x64-based versions
File nameFile versionFile sizeDateTimePlatform
Msvidctl.dll6.5.6002.196892,528,76803-Sep-201616:08x64
Msvidctl.dll6.5.6002.240142,528,76830-Aug-201615:39x64
Msvidctl.dll6.5.6002.196891,544,70403-Sep-201615:50x86
Msvidctl.dll6.5.6002.240141,544,70430-Aug-201615:17x86
malicious attacker exploit
Eigenschappen

Artikel-id: 3190847 - Laatst bijgewerkt: 10/11/2016 17:29:00 - Revisie: 1.0

Windows Vista Service Pack 2

  • atdownload kbbug kbexpertiseinter kbfix kbsecbulletin kbsecurity kbsecvulnerability KB3190847
Feedback
ERROR: at System.Diagnostics.Process.Kill() at Microsoft.Support.SEOInfrastructureService.PhantomJS.PhantomJSRunner.WaitForExit(Process process, Int32 waitTime, StringBuilder dataBuilder, Boolean isTotalProcessTimeout)