JSON View XML View

Key Value
MTID M115519
Title (MS16-134) Microsoft Windows Common Log File System Privilege Escalation IV (3193706)
Description A vulnerability in some versions of Microsoft Windows could lead to privilege escalation.
Observation A vulnerability in some versions of Microsoft Windows could lead to privilege escalation.

The flaw lies in the Common Log File System component. Successful exploitation could allow a local user to gain elevated privileges. The exploit requires the attacker to have valid credentials to the vulnerable system.
Recommendation The vendor has released an update to address this issue.

https://technet.microsoft.com/library/security/MS16-134

Superseded patch information:

The patches for the following products are superseded by patches provided in: MS17-001
- Cumulative Update for Windows 10 (KB3210720): KB3210720
- Cumulative Update for Windows 10 Version 1511 (KB3210721): KB3210721
- Cumulative Update for Windows 10 Version 1511 for x64-based Systems (KB3210721): KB3210721

The patches for the following products are superseded by patches provided in: MS16-153
- Cumulative Update for Windows 10 Version 1607 (KB3206632): KB3206632
- Microsoft Windows Server 2008: KB3203838
- Microsoft Windows Server 2008 for x64-based Systems: KB3203838
- Microsoft Windows Vista: KB3203838
- Microsoft Windows Vista for x64-based Systems: KB3203838

https://technet.microsoft.com/library/security/MS17-001
https://technet.microsoft.com/library/security/MS16-153

Vendor Microsoft
Attack Vector Malicious remote network traffic
Importance 5
Impact 10.00084536000
Threat Score 9.33
Labels
Patch Tuesday
References
CVECVE-2016-3334
MSFTBulletinMS16-134
MSFTQNumber3193706
DISA IAVA2016-A-0316
MTIDM115519
CPEs
cpe:/o:microsoft:windows_vista:sp2
cpe:/o:microsoft:windows_2008_x64:sp2
cpe:/o:microsoft:windows_vista::sp2:x64
cpe:/o:microsoft:windows:2008:sp2
cpe:/o:microsoft:windows_7:sp1
cpe:/o:microsoft:windows_7::sp1:x64
cpe:/o:microsoft:windows_server_2008:r2:sp1:x64
cpe:/o:microsoft:windows_server_2012
cpe:/o:microsoft:windows_8.1
cpe:/o:microsoft:windows_8.1:::x64
cpe:/o:microsoft:windows_rt:8.1
cpe:/o:microsoft:windows_server_2012:r2:-:x64
cpe:/o:microsoft:windows_10
cpe:/o:microsoft:windows_10:::x64
cpe:/o:microsoft:windows:10_version_1511:10_version_1511
cpe:/o:microsoft:windows:10_version_1511_x64:10_version_1511_x64
cpe:/a:microsoft:windows:10_version_1607
cpe:/a:microsoft:windows:10_version_1607::x64
cpe:/a:microsoft:windows_server:2016:x64
Created At 2016-11-08 00:00:00 UTC
Updated At 2017-02-16 15:09:48 UTC

Back