CVE-2016-0099: Microsoft Windows 7 < 10 / Server 2008 < 2012 R2 (x86/x64) - Privilege Escalation (MS16-032)

by CIRT Team

CVE-2016-0099: The Secondary Logon Service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold and 1511 does not properly process request handles, which allows local users to gain privileges via a crafted application, aka “Secondary Logon Elevation of Privilege Vulnerability.”

Mitigation: Microsoft has released patches for Windows Platform.

Reference URL’s: 

• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0099
• https://technet.microsoft.com/en-us/library/security/ms16-032.aspx
• https://support.microsoft.com/en-us/help/3143141/ms16-032-security-update-for-secondary-logon-to-address-elevation-of-privilege-march-8,-2016
• http://www.securitytracker.com/id/1035210
• https://www.tenable.com/plugins/index.php?view=single&id=89755

CIRT Team