Home

Windows NTLM Elevation of Privilege Vulnerability for Windows Server 2012 (KB3197877) x64 bases systems

Risk Information

Base Score
8.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
65.102%

CVE Information

Source CVE
CVE-2016-7256

Associated CVE
CVE-2016-7256
CVE-2016-7255
CVE-2016-7195
CVE-2016-7196
CVE-2016-7217
CVE-2016-7205
CVE-2016-7237
CVE-2016-7247
CVE-2016-7224
CVE-2016-7246
CVE-2016-7221
CVE-2016-7215
CVE-2016-7212
CVE-2016-7238
CVE-2016-7198
CVE-2016-7210
CVE-2016-3332
CVE-2016-3333
CVE-2016-3334
CVE-2016-3335
CVE-2016-3338
CVE-2016-3340
CVE-2016-3342
CVE-2016-3343
CVE-2016-7184
CVE-2016-0026
CVE-2016-7223
CVE-2016-7214
CVE-2016-7227
CVE-2016-7239
CVE-2016-7199
CVE-2016-7218

Patch Details

Patch associated with this vulnerability is supported by ManageEngine.

Patch ID
21699

Patch Description
November, 2016 Security Monthly Quality Rollup for Windows Server 2012 (KB3197877)

References

http://blog.trendmicro.com/trendlabs-security-intelligence/one-bit-rule-system-analyzing-cve-2016-7255-exploit-wild/
http://packetstormsecurity.com/files/140468/Microsoft-Windows-Kernel-win32k.sys-NtSetWindowLongPtr-Privilege-Escalation.html
http://technet.microsoft.com/security/bulletin/MS16-129
http://technet.microsoft.com/security/bulletin/MS16-130
http://technet.microsoft.com/security/bulletin/MS16-132
http://technet.microsoft.com/security/bulletin/MS16-134
http://technet.microsoft.com/security/bulletin/MS16-135
http://technet.microsoft.com/security/bulletin/MS16-137
http://technet.microsoft.com/security/bulletin/MS16-138
http://technet.microsoft.com/security/bulletin/MS16-142
http://www.securityfocus.com/bid/93991
http://www.securityfocus.com/bid/93998
http://www.securityfocus.com/bid/94000
http://www.securityfocus.com/bid/94004
http://www.securityfocus.com/bid/94009
http://www.securityfocus.com/bid/94010
http://www.securityfocus.com/bid/94011
http://www.securityfocus.com/bid/94012
http://www.securityfocus.com/bid/94014
http://www.securityfocus.com/bid/94015
http://www.securityfocus.com/bid/94017
http://www.securityfocus.com/bid/94027
http://www.securityfocus.com/bid/94033
http://www.securityfocus.com/bid/94040
http://www.securityfocus.com/bid/94045
http://www.securityfocus.com/bid/94051
http://www.securityfocus.com/bid/94052
http://www.securityfocus.com/bid/94053
http://www.securityfocus.com/bid/94057
http://www.securityfocus.com/bid/94059
http://www.securityfocus.com/bid/94063
http://www.securityfocus.com/bid/94064
http://www.securityfocus.com/bid/94065
http://www.securityfocus.com/bid/94156
http://www.securitytracker.com/id/1037241
http://www.securitytracker.com/id/1037243
http://www.securitytracker.com/id/1037245
http://www.securitytracker.com/id/1037248
http://www.securitytracker.com/id/1037249
http://www.securitytracker.com/id/1037251
http://www.securitytracker.com/id/1037252
http://www.zerodayinitiative.com/advisories/ZDI-16-592
http://www.zerodayinitiative.com/advisories/ZDI-16-594
https://github.com/mwrlabs/CVE-2016-7255
https://securingtomorrow.mcafee.com/mcafee-labs/digging-windows-kernel-privilege-escalation-vulnerability-cve-2016-7255/
https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html
https://twitter.com/da5ch0/status/820161895269277696
https://www.exploit-db.com/exploits/40744/
https://www.exploit-db.com/exploits/40745/
https://www.exploit-db.com/exploits/40765/
https://www.exploit-db.com/exploits/40823/
https://www.exploit-db.com/exploits/41015/
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-7184
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-7218
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-7210
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-7246
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-7199
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-3334
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-3340
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-7223
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-7215
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-3343
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-7221
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-7238
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-7227
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-7255
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-7195
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-3333
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-7247
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-3332
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-3342
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-0026
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-7224
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-7217