Multiple vulnerabilities in Microsoft Windows - MS16-137ID: oval:org.secpod.oval:def:37925 | Date: (C)2016-11-09 (M)2024-03-06 |
Class: PATCH | Family: windows |
The host is missing an important security update according to Microsoft security bulletin, MS16-137. The update is required to fix multiple vulnerability. A flaw is present in the application, which fails to properly handle crafted vectors. An attacker who successfully exploited this vulnerability could elevate their permissions from unprivileged user account to administrator. The attacker could then install programs; view, change or delete data; or create new accounts. The attacker could subsequently attempt to elevate by locally executing a specially crafted application designed to manipulate NTLM password change requests.
Platform: |
Microsoft Windows 7 |
Microsoft Windows Server 2008 |
Microsoft Windows 8.1 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Server 2012 |
Microsoft Windows Vista |
Microsoft Windows 10 |
Microsoft Windows Server 2016 |