JSON View XML View

Key Value
MTID M115545
Title (MS16-140) Microsoft Windows Secure Boot Security Bypass (3193479)
Description A vulnerability in some versions of Microsoft Windows could lead to security bypass.
Observation A vulnerability in some versions of Microsoft Windows could lead to security bypass.

The flaw lies in the Secure Boot component. Successful exploitation by a remote attacker could result in the bypass of intended access restrictions. The exploit requires the attacker to have valid credentials to the vulnerable system.
Recommendation The vendor has released an update to address this issue.

https://technet.microsoft.com/library/security/MS16-140

Superseded patch information:

The patches for the following products are superseded by patches provided in: MS17-001
- Cumulative Update for Windows 10 (KB3210720): KB3210720
- Cumulative Update for Windows 10 Version 1511 (KB3210721): KB3210721
- Cumulative Update for Windows 10 Version 1511 for x64-based Systems (KB3210721): KB3210721
- Cumulative Update for Windows 10 Version 1607 (KB3213986): KB3213986

https://technet.microsoft.com/library/security/MS17-001

Vendor Microsoft
Attack Vector Malicious remote network traffic
Importance 5
Impact 2.8627500
Threat Score 4.96
Labels
Patch Tuesday
References
CVECVE-2016-7247
MSFTBulletinMS16-140
MSFTQNumber3193479
DISA IAVA2016-B-0162
MTIDM115545
CPEs
cpe:/o:microsoft:windows_server_2012
cpe:/o:microsoft:windows_8.1
cpe:/o:microsoft:windows_8.1:::x64
cpe:/o:microsoft:windows_server_2012:r2
cpe:/o:microsoft:windows_rt:8.1
cpe:/o:microsoft:windows_10
cpe:/o:microsoft:windows_10:::x64
cpe:/o:microsoft:windows:10_version_1511:10_version_1511
cpe:/o:microsoft:windows:10_version_1511_x64:10_version_1511_x64
cpe:/a:microsoft:windows:10_version_1607
cpe:/a:microsoft:windows:10_version_1607::x64
cpe:/a:microsoft:windows_server:2016
Created At 2016-11-08 00:00:00 UTC
Updated At 2017-02-16 15:09:51 UTC

Back