* [Blog](https://www.paloaltonetworks.com/blog) * [Palo Alto Networks](https://www.paloaltonetworks.com/blog/corporate/) * [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/) * Palo Alto Networks Resear... # Palo Alto Networks Researcher Discovers 3 New Critical IE Vulnerabilities [](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2F2016%2F06%2Fpalo-alto-networks-researcher-discovers-3-new-critical-ie-vulnerabilities%2F) [](https://twitter.com/share?text=Palo+Alto+Networks+Researcher+Discovers+3+New+Critical+IE+Vulnerabilities&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2F2016%2F06%2Fpalo-alto-networks-researcher-discovers-3-new-critical-ie-vulnerabilities%2F) [](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2F2016%2F06%2Fpalo-alto-networks-researcher-discovers-3-new-critical-ie-vulnerabilities%2F&title=Palo+Alto+Networks+Researcher+Discovers+3+New+Critical+IE+Vulnerabilities&summary=&source=) [](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www.paloaltonetworks.com/blog/2016/06/palo-alto-networks-researcher-discovers-3-new-critical-ie-vulnerabilities/&ts=markdown) \[\](mailto:?subject=Palo Alto Networks Researcher Discovers 3 New Critical IE Vulnerabilities) Link copied By [Ryan Olson](https://www.paloaltonetworks.com/blog/author/ryan-olson/?ts=markdown "Posts by Ryan Olson") Jun 14, 2016 1 minutes [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown) [Threat Advisories - Advisories](https://www.paloaltonetworks.com/blog/category/threat-advisories-advisories/?ts=markdown) [CVE-2016-3205](https://www.paloaltonetworks.com/blog/tag/cve-2016-3205/?ts=markdown) [CVE-2016-3206](https://www.paloaltonetworks.com/blog/tag/cve-2016-3206/?ts=markdown) [CVE-2016-3207](https://www.paloaltonetworks.com/blog/tag/cve-2016-3207/?ts=markdown) [microsoft](https://www.paloaltonetworks.com/blog/tag/microsoft/?ts=markdown) [Microsoft Active Protections Program](https://www.paloaltonetworks.com/blog/tag/microsoft-active-protections-program/?ts=markdown) [Vulnerabilities](https://www.paloaltonetworks.com/blog/tag/vulnerabilities/?ts=markdown) Palo Alto Networks researcher Tao Yan is [credited with the discovery](https://urldefense.proofpoint.com/v2/url?u=https-3A__technet.microsoft.com_library_security_mt674627.aspx&d=CwMGaQ&c=V9IgWpI5PvzTw83UyHGVSoW3Uc1MFWe5J8PTfkrzVSo&r=zxiJ4lKi_yqBlltsgmOrWP6wUpF41KhDygsr86C9Pn4&m=hgy0pHrbP5StOXXkdBvtf2rpF4CVnIsrRFtDNRkb7oM&s=uynQ1iHCIWlJ9y0Mz5-St9lBDMHAKN0Wt07Qqq_f1TI&e=) of three new critical Microsoft vulnerabilities in [June's bulletin](https://urldefense.proofpoint.com/v2/url?u=https-3A__technet.microsoft.com_en-2Dus_library_security_mt733206.aspx&d=CwMGaQ&c=V9IgWpI5PvzTw83UyHGVSoW3Uc1MFWe5J8PTfkrzVSo&r=zxiJ4lKi_yqBlltsgmOrWP6wUpF41KhDygsr86C9Pn4&m=hgy0pHrbP5StOXXkdBvtf2rpF4CVnIsrRFtDNRkb7oM&s=6TvYXnyXVAe_r8RLvv-Uwei2PGeqcs-5Sz-osyHly-Y&e=) -- [CVE-2016-3205](https://urldefense.proofpoint.com/v2/url?u=http-3A__www.cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2016-2D3205&d=CwMGaQ&c=V9IgWpI5PvzTw83UyHGVSoW3Uc1MFWe5J8PTfkrzVSo&r=zxiJ4lKi_yqBlltsgmOrWP6wUpF41KhDygsr86C9Pn4&m=hgy0pHrbP5StOXXkdBvtf2rpF4CVnIsrRFtDNRkb7oM&s=QO3o7_95_KeZTYpzyRNkVuyGa6atPpPfMoz4AGfAQ4E&e=), [CVE-2016-3206](https://urldefense.proofpoint.com/v2/url?u=http-3A__www.cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2016-2D3206&d=CwMGaQ&c=V9IgWpI5PvzTw83UyHGVSoW3Uc1MFWe5J8PTfkrzVSo&r=zxiJ4lKi_yqBlltsgmOrWP6wUpF41KhDygsr86C9Pn4&m=hgy0pHrbP5StOXXkdBvtf2rpF4CVnIsrRFtDNRkb7oM&s=YcRRH5dV2izZ0VQb7yMB0Kq4AT6K22jWfIV16YYZLoI&e=) and [CVE-2016-3207](https://urldefense.proofpoint.com/v2/url?u=http-3A__www.cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2016-2D3207&d=CwMGaQ&c=V9IgWpI5PvzTw83UyHGVSoW3Uc1MFWe5J8PTfkrzVSo&r=zxiJ4lKi_yqBlltsgmOrWP6wUpF41KhDygsr86C9Pn4&m=hgy0pHrbP5StOXXkdBvtf2rpF4CVnIsrRFtDNRkb7oM&s=U4l6qXjjFl1I9R0drFAu3bMp56v-g6PWlt1a-GwVCRs&e=) -- affecting VBScript engine versions 5.7 and 5.8. These vulnerabilities are documented in [Microsoft Security Bulletin MS16-069](https://urldefense.proofpoint.com/v2/url?u=https-3A__technet.microsoft.com_library_security_MS16-2D069&d=CwMGaQ&c=V9IgWpI5PvzTw83UyHGVSoW3Uc1MFWe5J8PTfkrzVSo&r=zxiJ4lKi_yqBlltsgmOrWP6wUpF41KhDygsr86C9Pn4&m=hgy0pHrbP5StOXXkdBvtf2rpF4CVnIsrRFtDNRkb7oM&s=EmxjuK-E4tZMzE_j5QbpROttOTXpvK2xFxWvulQyfsI&e=) and [MS16-063](https://urldefense.proofpoint.com/v2/url?u=https-3A__technet.microsoft.com_library_security_MS16-2D063&d=CwMGaQ&c=V9IgWpI5PvzTw83UyHGVSoW3Uc1MFWe5J8PTfkrzVSo&r=zxiJ4lKi_yqBlltsgmOrWP6wUpF41KhDygsr86C9Pn4&m=hgy0pHrbP5StOXXkdBvtf2rpF4CVnIsrRFtDNRkb7oM&s=91iPqdbnwzmpRic6VKMOgdMbTyJAd1HWlq_GSymVcbA&e=). In our continued commitment to the security research community, these vulnerabilities were disclosed to Microsoft through our participation in the Microsoft Active Protections Program (MAPP) program, which ensures the timely, responsible disclosure of new vulnerabilities and creation of protections from security vendors. For current customers with a Threat Prevention subscription, Palo Alto Networks has also released IPS signatures providing proactive protection for these vulnerabilities. Palo Alto Networks is a regular contributor to vulnerability research and has discovered more than 100 critical vulnerabilities over the past two years in the Microsoft, Apple, Android and other ecosystems. By proactively identifying these vulnerabilities, developing protections for our customers, and sharing them with Microsoft for patching, we are removing weapons used by attackers to compromise enterprise, government and service provider networks. *** ** * ** *** ## Related Blogs ### [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown) [#### How Cortex Defends Against Microsoft SharePoint "ToolShell" Exploits](https://www.paloaltonetworks.com/blog/security-operations/how-cortex-defends-against-microsoft-sharepoint-toolshell-exploits/) ### [Endpoint](https://www.paloaltonetworks.com/blog/category/endpoint-2/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) [#### Traps Prevents Microsoft Office Equation Editor Zero-Day CVE-2018-0802](https://www.paloaltonetworks.com/blog/2018/01/unit42-traps-prevents-microsoft-office-equation-editor-zero-day-cve-2017-11882/) ### [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) [#### Unit 42 Vulnerability Research January 2018 Disclosures - Microsoft](https://www.paloaltonetworks.com/blog/2018/01/unit42-unit-42-vulnerability-research-january-2018-disclosures-microsoft/) ### [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown) [#### Understanding: Affected but Not Vulnerable](https://www.paloaltonetworks.com/blog/2018/01/understanding-affected-not-vulnerable/) ### [Threat Brief](https://www.paloaltonetworks.com/blog/category/threat-brief/?ts=markdown) [#### Threat Brief: Meltdown and Spectre Vulnerabilities](https://www.paloaltonetworks.com/blog/2018/01/threat-brief-meltdown-spectre-vulnerabilities/) ### [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) [#### Palo Alto Networks Unit 42 Vulnerability Research December 2017 Disclosures - Microsoft](https://www.paloaltonetworks.com/blog/2017/12/unit42-palo-alto-networks-unit-42-vulnerability-research-december-2017-disclosures-microsoft/) ### Subscribe to the Blog! Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more. ![spinner](https://www.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up Please enter a valid email. By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder. This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply. {#footer} {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2026 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language