November, 2016 Security Monthly Quality Rollup for Windows 7 (KB3197868)
Severity
Critical
Vulnerabilities Patched
CVE-2016-7199
CVE-2016-7216
CVE-2016-7214
CVE-2016-7205
CVE-2016-7215
CVE-2016-3335
CVE-2016-7212
CVE-2016-3332
CVE-2016-3340
CVE-2016-7255
CVE-2016-7248
CVE-2016-3342
CVE-2016-7237
CVE-2016-0026
CVE-2016-3338
CVE-2016-7238
CVE-2016-7246
CVE-2016-3333
CVE-2016-7227
CVE-2016-7239
CVE-2016-7196
CVE-2016-7184
CVE-2016-7210
CVE-2016-7221
CVE-2016-3343
CVE-2016-7198
CVE-2016-7218
CVE-2016-7256
CVE-2016-7195
CVE-2016-3334
Description
A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article. After you install this update, you may have to restart your system.
Out-of-bounds write when handling split HTTP headers; When handling split HTTP headers, GRUB2 HTTP code accidentally moves its internal data buffer point by one position. This can lead to a out-of-bound write further when parsing the HTTP request, writing a NULL byte past the buffer. It's conceivable that an attacker controlled set of packets can lead to corruption of the GRUB2's internal memory metadata.
