Vulnerability Manager Plus

Windows NTLM Elevation of Privilege Vulnerability for Windows 10 for x64-based Systems (KB3198585) - Cumulative

Risk Information

Base Score

8.8

MODERATE

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score

Exploitation Probability

No records found

CVE Information

Patch Details

Patch associated with this vulnerability is supported by ManageEngine.

Patch ID
21678

Patch Description
Cumulative Update for Windows 10 for x64-based Systems (KB3198585)

References

http://blog.trendmicro.com/trendlabs-security-intelligence/one-bit-rule-system-analyzing-cve-2016-7255-exploit-wild/
http://packetstormsecurity.com/files/139991/Microsoft-Edge-JSON.parse-Information-Leak.html
http://packetstormsecurity.com/files/140382/Microsoft-Edge-chakra.dll-Information-Leak-Type-Confusion.html
http://packetstormsecurity.com/files/140468/Microsoft-Windows-Kernel-win32k.sys-NtSetWindowLongPtr-Privilege-Escalation.html
http://technet.microsoft.com/security/bulletin/MS16-129
http://technet.microsoft.com/security/bulletin/MS16-130
http://technet.microsoft.com/security/bulletin/MS16-131
http://technet.microsoft.com/security/bulletin/MS16-132
http://technet.microsoft.com/security/bulletin/MS16-134
http://technet.microsoft.com/security/bulletin/MS16-135
http://technet.microsoft.com/security/bulletin/MS16-137
http://technet.microsoft.com/security/bulletin/MS16-138
http://technet.microsoft.com/security/bulletin/MS16-140
http://technet.microsoft.com/security/bulletin/MS16-142
http://technet.microsoft.com/security/bulletin/MS16-144
http://www.securityfocus.com/archive/1/archive/1/539734/100/0/threaded
http://www.securityfocus.com/bid/93968
http://www.securityfocus.com/bid/93970
http://www.securityfocus.com/bid/93991
http://www.securityfocus.com/bid/93998
http://www.securityfocus.com/bid/94000
http://www.securityfocus.com/bid/94003
http://www.securityfocus.com/bid/94004
http://www.securityfocus.com/bid/94007
http://www.securityfocus.com/bid/94008
http://www.securityfocus.com/bid/94009
http://www.securityfocus.com/bid/94010
http://www.securityfocus.com/bid/94011
http://www.securityfocus.com/bid/94012
http://www.securityfocus.com/bid/94013
http://www.securityfocus.com/bid/94014
http://www.securityfocus.com/bid/94015
http://www.securityfocus.com/bid/94016
http://www.securityfocus.com/bid/94017
http://www.securityfocus.com/bid/94018
http://www.securityfocus.com/bid/94021
http://www.securityfocus.com/bid/94023
http://www.securityfocus.com/bid/94027
http://www.securityfocus.com/bid/94028
http://www.securityfocus.com/bid/94030
http://www.securityfocus.com/bid/94033
http://www.securityfocus.com/bid/94038
http://www.securityfocus.com/bid/94039
http://www.securityfocus.com/bid/94040
http://www.securityfocus.com/bid/94041
http://www.securityfocus.com/bid/94042
http://www.securityfocus.com/bid/94044
http://www.securityfocus.com/bid/94045
http://www.securityfocus.com/bid/94046
http://www.securityfocus.com/bid/94047
http://www.securityfocus.com/bid/94049
http://www.securityfocus.com/bid/94051
http://www.securityfocus.com/bid/94052
http://www.securityfocus.com/bid/94053
http://www.securityfocus.com/bid/94055
http://www.securityfocus.com/bid/94057
http://www.securityfocus.com/bid/94058
http://www.securityfocus.com/bid/94059
http://www.securityfocus.com/bid/94063
http://www.securityfocus.com/bid/94064
http://www.securityfocus.com/bid/94065
http://www.securityfocus.com/bid/94066
http://www.securityfocus.com/bid/94156
http://www.securitytracker.com/id/1037241
http://www.securitytracker.com/id/1037242
http://www.securitytracker.com/id/1037243
http://www.securitytracker.com/id/1037245
http://www.securitytracker.com/id/1037248
http://www.securitytracker.com/id/1037249
http://www.securitytracker.com/id/1037251
http://www.securitytracker.com/id/1037252
http://www.securitytracker.com/id/1037255
http://www.zerodayinitiative.com/advisories/ZDI-16-592
http://www.zerodayinitiative.com/advisories/ZDI-16-593
http://www.zerodayinitiative.com/advisories/ZDI-16-594
https://bugs.chromium.org/p/project-zero/issues/detail?id=952
https://github.com/mwrlabs/CVE-2016-7255
https://github.com/theori-io/chakra-2016-11
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05340049
https://securingtomorrow.mcafee.com/mcafee-labs/digging-windows-kernel-privilege-escalation-vulnerability-cve-2016-7255/
https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html
https://twitter.com/da5ch0/status/820161895269277696
https://www.exploit-db.com/exploits/40744/
https://www.exploit-db.com/exploits/40745/
https://www.exploit-db.com/exploits/40763/
https://www.exploit-db.com/exploits/40764/
https://www.exploit-db.com/exploits/40765/
https://www.exploit-db.com/exploits/40773/
https://www.exploit-db.com/exploits/40784/
https://www.exploit-db.com/exploits/40785/
https://www.exploit-db.com/exploits/40786/
https://www.exploit-db.com/exploits/40787/
https://www.exploit-db.com/exploits/40793/
https://www.exploit-db.com/exploits/40823/
https://www.exploit-db.com/exploits/40875/
https://www.exploit-db.com/exploits/40990/
https://www.exploit-db.com/exploits/41015/
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-7184
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-7218
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-7210
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-7246
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-7199
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-3340
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-7202
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-7239
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-7223
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-7215
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-7238
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-7201
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-7227
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-7255
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-7204
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-7195
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-3333
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-7247
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-3332
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-7203
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-3342
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-0026
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-7224
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-7217
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-7220
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-7225
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-7248
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-7226