Security Alert (A16-11-02): Vulnerability in Microsoft Windows


 

Published on: 02 November 2016

Last update on: 09 November 2016

     
Email to

Description:

A vulnerability was identified in Microsoft Windows Kernel. A local user can obtain elevated privileges on the target system when invoking a specially crafted system call.


Affected Systems:

  • All Windows versions

Impact:

A successful attack could lead to elevation of privilege and remote code execution.


Recommendation:

Microsoft Security Bulletin MS16-135 was released to address the vulnerability found in Windows Kernel. The patches are available from Microsoft Update website at:

This link will open in a new windowhttp://update.microsoft.com/microsoftupdate

Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.


More Information:

This link will open in a new windowhttps://technet.microsoft.com/library/security/MS16-135
This link will open in a new windowhttps://www.hkcert.org/my_url/en/alert/16110201
This link will open in a new windowhttps://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html
This link will open in a new windowhttp://securitytracker.com/id/1037155
This link will open in a new windowhttp://www.govcert.gov.hk/en/A16-11-03.html
This link will open in a new windowhttp://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7214



Tag: Windows , Microsoft
Tags