Microsoft Netlogon Remote Code Execution Vulnerability
Last Update Date:
19 Aug 2016
Release Date:
15 Jun 2016
3761
Views
RISK: Medium Risk
TYPE: Operating Systems - Windows OS
- Windows Netlogon Memory Corruption Remote Code Execution
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution when Windows improperly handles objects in memory. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. To exploit the vulnerability, a domain-authenticated attacker could make a specially crafted NetLogon request to a domain controller. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. This update corrects how Windows handles objects in memory to prevent corruption.
Impact
- Remote Code Execution
System / Technologies affected
- Microsoft Windows Server 2008
- Microsoft Windows Server 2008 R2
- Microsoft Windows Server 2012 and Windows Server 2012 R2
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Download location for patches:
https://technet.microsoft.com/en-us/library/security/MS16-076
Vulnerability Identifier
Source
Related Link
Share with