CVE-2016-0151 - Microsoft Windows CSRSS Security Feature Bypass Vulnerability
Project:Microsoft
Product:Client-Server Run-time Subsystem (CSRSS)
Date Added:2022-03-28Due Date:2022-04-18
Vulnerability Name
Microsoft Windows CSRSS Security Feature Bypass Vulnerability
Description
The Client-Server Run-time Subsystem (CSRSS) in Microsoft mismanages process tokens, which allows local users to gain privileges via a crafted application.
Known To Be Used in Ransomware Campaigns?
Known
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2016-0151