JSON View XML View

Key Value
MTID M116156
Title (MS16-153) Microsoft Windows Common Log File System Driver Privilege Escalation (3207328)
Description A vulnerability in some versions of Microsoft Windows could lead to privilege escalation.
Observation A vulnerability in some versions of Microsoft Windows could lead to privilege escalation.

The flaw occurs when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. Successful exploitation could allow a local user to gain elevated privileges.
Recommendation The vendor has released an update to address this issue.

https://technet.microsoft.com/library/security/MS16-153

Superseded patch information:

The patches for the following products are superseded by patches provided in: MS17-001
- Cumulative Update for Windows 10 Version 1607 (KB3213986): KB3213986
- Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB3213986): KB3213986
- Cumulative Update for Windows Server 2016 for x64-based Systems (KB3213986): KB3213986

https://technet.microsoft.com/library/security/MS17-001

Vendor Microsoft
Attack Vector Authenticated locally logged on user with limited privileges
Importance 5
Impact 2.8627500
Threat Score 2.11
Labels
Patch Tuesday
References
CVECVE-2016-7295
MSFTBulletinMS16-153
MSFTQNumber3207328
DISA IAVA2016-A-0351
MTIDM116156
CPEs
cpe:/o:microsoft:windows_server_2008::sp2:x64
cpe:/o:microsoft:windows_vista::sp2:x64
cpe:/o:microsoft:windows_server_2008:r2:sp1:itanium
cpe:/o:microsoft:windows_vista::sp2
cpe:/o:microsoft:windows_7::sp1:x64
cpe:/o:microsoft:windows_server_2008:r2:sp1:x64
cpe:/o:microsoft:windows_server_2008:-:sp2:itanium
cpe:/o:microsoft:windows_7::sp1:x86
cpe:/o:microsoft:windows_server_2008:-:sp2:x86
cpe:/o:microsoft:windows_8.1
cpe:/o:microsoft:windows_8.1:::x64
cpe:/o:microsoft:windows_server_2012:r2
cpe:/o:microsoft:windows_rt:8.1
cpe:/o:microsoft:windows_10
cpe:/o:microsoft:windows_10:::x64
cpe:/o:microsoft:windows:10_version_1511:10_version_1511
cpe:/o:microsoft:windows:10_version_1511_x64:10_version_1511_x64
cpe:/a:microsoft:windows:10_version_1607
cpe:/a:microsoft:windows:10_version_1607::x64
cpe:/a:microsoft:windows_server:2016:x64
Created At 2016-12-13 00:00:00 UTC
Updated At 2017-02-16 15:09:53 UTC

Back