SAM and LSAD downgrade vulnerability in Microsoft Windows - MS16-047ID: oval:org.secpod.oval:def:33790 | Date: (C)2016-04-13 (M)2024-03-06 |
Class: PATCH | Family: windows |
The host is missing a important security update according to Microsoft security bulletin, MS16-047. The update is required to fix SAM and LSAD downgrade vulnerability. A flaw is present in the Security Account Manager (SAM) and Local Security Authority (Domain Policy) (LSAD) remote protocols, which accept authentication levels that do not protect them adequately and the way SAM and LSAD remote protocols establish the Remote Procedure Call (RPC) channel. An attacker who successfully exploited this vulnerability could gain access to the SAM database.
Platform: |
Microsoft Windows Vista |
Microsoft Windows Server 2008 |
Microsoft Windows 7 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Server 2012 |
Microsoft Windows 8.1 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows 10 |