JSON View XML View

Key Value
MTID M114993
Title (MS16-124) Microsoft Windows Kernel Privilege Escalation I (3193227)
Description A vulnerability in some versions of Microsoft Windows Kernel could lead to privilege escalation.
Observation A vulnerability in some versions of Microsoft Windows Kernel could lead to privilege escalation.


The flaw occurs when a Windows kernel API improperly allows a user to access sensitive registry information. Successful exploitation could allow a local user to gain elevated privileges.
Recommendation The vendor has released an update to address this issue.

https://technet.microsoft.com/library/security/MS16-124

Superseded patch information:

The patches for the following products are superseded by patches provided in: MS16-142
- Cumulative Update for Windows 10 (KB3198585): KB3198585
- Cumulative Update for Windows 10 Version 1511 (KB3198586): KB3198586
- Cumulative Update for Windows 10 Version 1511 for x64-based Systems (KB3198586): KB3198586
- Cumulative Update for Windows 10 Version 1607 (KB3200970): KB3200970

The patches for the following products are superseded by patches provided in: MS16-139
- Microsoft Windows Server 2008: KB3198483
- Microsoft Windows Server 2008 x64 Edition: KB3198483
- Microsoft Windows Vista: KB3198483
- Microsoft Windows Vista for x64-based Systems: KB3198483

https://technet.microsoft.com/library/security/MS16-142
https://technet.microsoft.com/library/security/MS16-139

Vendor Microsoft
Attack Vector Authenticated locally logged on user with limited privileges
Importance 4
Impact 2.8627500
Threat Score 4.3
Labels
Patch Tuesday
References
CVECVE-2016-0070
MSFTBulletinMS16-124
MSFTQNumber3193227
DISA IAVA2016-A-0282
MTIDM114993
CPEs
cpe:/o:microsoft:windows_server_2008::sp2:x64
cpe:/o:microsoft:windows_vista::sp2:x64
cpe:/o:microsoft:windows_server_2008:r2:sp1:itanium
cpe:/o:microsoft:windows_vista::sp2
cpe:/o:microsoft:windows_7::sp1:x64
cpe:/o:microsoft:windows_server_2008:r2:sp1:x64
cpe:/o:microsoft:windows_server_2008:-:sp2:itanium
cpe:/o:microsoft:windows_7::sp1:x86
cpe:/o:microsoft:windows_server_2008:-:sp2:x86
cpe:/o:microsoft:windows_server_2012
cpe:/o:microsoft:windows_8.1
cpe:/o:microsoft:windows_8.1:::x64
cpe:/o:microsoft:windows_server_2012:r2
cpe:/o:microsoft:windows_rt:8.1
cpe:/o:microsoft:windows_10
cpe:/o:microsoft:windows_10:::x64
cpe:/o:microsoft:windows:10_version_1511:10_version_1511
cpe:/o:microsoft:windows:10_version_1511_x64:10_version_1511_x64
cpe:/a:microsoft:windows:10_version_1607
cpe:/a:microsoft:windows:10_version_1607::x64
Created At 2016-10-11 00:00:00 UTC
Updated At 2016-11-19 10:31:20 UTC

Back