Oval Definition:oval:org.cisecurity:def:1475
Revision Date:2016-12-23Version:17
Title:Windows IME Elevation of Privilege Vulnerability – CVE-2016-7221 (MS16-130)
Description:Input Method Editor (IME) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 mishandles DLL loading, which allows local users to gain privileges via unspecified vectors, aka "Windows IME Elevation of Privilege Vulnerability."
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2016-7221
Platform(s):Microsoft Windows 10
Microsoft Windows 7
Microsoft Windows 8.1
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016
Microsoft Windows Vista
Product(s):
Definition Synopsis
  • Microsoft Windows Vista/Server 2008 is installed + file version
  • Microsoft Windows Vista/Server 2008 is installed
  • Microsoft Windows Vista (32-bit) is installed
  • OR Microsoft Windows Vista x64 Edition is installed
  • OR Microsoft Windows Server 2008 (32-bit) is installed
  • OR Microsoft Windows Server 2008 (64-bit) is installed
  • OR Microsoft Windows Server 2008 (ia-64) is installed
  • AND Check for file version
  • Check if Msctf.dll version is less than 6.0.6002.19705
  • OR Check for Limited Distribution Release (LDR) file version
  • Check if Msctf.dll version is greater than or equal to 6.0.6002.24000
  • AND Check if Msctf.dll version is less than 6.0.6002.24028
  • OR Microsoft Windows 7/Server 2008 R2 is installed + file version
  • Microsoft Windows 7/Server 2008 R2 is installed
  • Microsoft Windows 7 (32-bit) is installed
  • OR Microsoft Windows 7 x64 Edition is installed
  • OR Microsoft Windows Server 2008 R2 x64 Edition is installed
  • OR Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed
  • AND Check if Msctf.dll version is less than 6.1.7601.23572
  • OR Microsoft Windows 8.1/Server 2012 R2 is installed + file version
  • Microsoft Windows 8.1/Server 2012 R2 is installed
  • Microsoft Windows 8.1 (x86) is installed
  • OR Microsoft Windows 8.1 (x64) is installed
  • OR Microsoft Windows Server 2012 R2 is installed
  • AND Check if Msctf.dll version is less than 6.3.9600.18514
  • OR Microsoft Windows Server 2012 is installed + file version
  • Microsoft Windows Server 2012 (64-bit) is installed
  • AND Check if Msctf.dll version is less than 6.2.9200.22006
  • OR Microsoft Windows 10 is installed + file version
  • Microsoft Windows 10 is installed
  • Microsoft Windows 10 (32-bit) is installed
  • OR Microsoft Windows 10 (64-bit) is installed
  • AND Check if Msctf.dll version is less than 10.0.10240.17184
  • OR Microsoft Windows 10 Version 1511 is installed + file version
  • Microsoft Windows 10 Version 1511 is installed
  • Microsoft Windows 10 Version 1511 (32-bit) is installed
  • OR Microsoft Windows 10 Version 1511 (64-bit) is installed
  • AND Check if Msctf.dll version is less than 10.0.10586.672
  • OR Microsoft Windows 10 Version 1607/Windows Server 2016 is installed + file version
  • Microsoft Windows 10 Version 1607/Windows Server 2016 is installed
  • Microsoft Windows 10 Version 1607 (32-bit) is installed
  • OR Microsoft Windows 10 Version 1607 (64-bit) is installed
  • OR Microsoft Windows Server 2016 is installed
  • AND Check if Msctf.dll version is less than 10.0.14393.447
    • BACK