Skip to main content

Microsoft Netlogon Remote Code Execution Vulnerability

Last Update Date: 19 Aug 2016 Release Date: 15 Jun 2016 3831 Views

RISK: Medium Risk

TYPE: Operating Systems - Windows OS

TYPE: Windows OS
  1. Windows Netlogon Memory Corruption Remote Code Execution
    This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution when Windows improperly handles objects in memory. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. To exploit the vulnerability, a domain-authenticated attacker could make a specially crafted NetLogon request to a domain controller. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. This update corrects how Windows handles objects in memory to prevent corruption.

Impact

  • Remote Code Execution

System / Technologies affected

  • Microsoft Windows Server 2008
  • Microsoft Windows Server 2008 R2
  • Microsoft Windows Server 2012 and Windows Server 2012 R2

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.


Vulnerability Identifier


Source


Related Link