CVE-2016-0099

critical-risk
Published 2016-03-09

The Secondary Logon Service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 does not properly process request handles, which allows local users to gain privileges via a crafted application, aka "Secondary Logon Elevation of Privilege Vulnerability."

Do I need to act?

!
90.4% chance of exploitation in next 30 days
EPSS score — higher than 10% of all CVEs
!
CISA KEV: actively exploited in the wild
On the Known Exploited Vulnerabilities catalog — federal agencies must patch
!
4 public exploits available
39809, 40107, 39719 and 1 more
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.8/10 High
LOCAL / LOW complexity

Affected Products (9)

Affected Vendors

Microsoft

References (15)

Broken Link http://www.securityfocus.com/bid/84034
Broken Link http://www.securitytracker.com/id/1035210
Patch https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-03...
Exploit https://www.exploit-db.com/exploits/39574/
Exploit https://www.exploit-db.com/exploits/39719/
Exploit https://www.exploit-db.com/exploits/39809/
Exploit https://www.exploit-db.com/exploits/40107/
Broken Link http://www.securityfocus.com/bid/84034
Broken Link http://www.securitytracker.com/id/1035210
Patch https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-03...
Exploit https://www.exploit-db.com/exploits/39574/
Exploit https://www.exploit-db.com/exploits/39719/
Exploit https://www.exploit-db.com/exploits/39809/
Exploit https://www.exploit-db.com/exploits/40107/
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-...
73
/ 100
critical-risk
Severity 24/34 · High
Exploitability 34/34 · Critical
Exposure 15/34 · Moderate