CVE-2016-0099 - Microsoft Windows Secondary Logon Service Privilege Escalation Vulnerability
Project:Microsoft
Product:Windows
Date Added:2022-03-03Due Date:2022-03-24
Vulnerability Name
Microsoft Windows Secondary Logon Service Privilege Escalation Vulnerability
Description
A privilege escalation vulnerability exists in Microsoft Windows if the Windows Secondary Logon Service fails to properly manage request handles in memory. An attacker who successfully exploited this vulnerability could run arbitrary code as an administrator.
Known To Be Used in Ransomware Campaigns?
Known
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2016-0099