Rapid7 Vulnerability & Exploit Database

MS16-018: Security Update for Windows Kernel-Mode Drivers to Address Elevation of Privilege (3136082)

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

MS16-018: Security Update for Windows Kernel-Mode Drivers to Address Elevation of Privilege (3136082)

Severity
7
CVSS
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published
02/09/2016
Created
07/25/2018
Added
02/09/2016
Modified
11/18/2021

Description

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Solution(s)

  • WINDOWS-HOTFIX-MS16-009-4e752c2f-ef69-41d1-aa08-1b8494248c1f
  • WINDOWS-HOTFIX-MS16-009-62a1716b-37d0-4c3c-8e51-457b4cf65a4b
  • WINDOWS-HOTFIX-MS16-009-68467c09-87ed-42f4-a4ab-91b1504d0b4b
  • WINDOWS-HOTFIX-MS16-009-89800a01-9b74-4b67-bdf5-3906b031b58c
  • WINDOWS-HOTFIX-MS16-018-082ee2b6-a1bf-4149-9056-f47644e57ff8
  • WINDOWS-HOTFIX-MS16-018-0cfa0dfd-d4d0-4f3c-8a90-a674e507bf5e
  • WINDOWS-HOTFIX-MS16-018-15b5ebb0-2625-4ac7-8d27-2972b1c11e6e
  • WINDOWS-HOTFIX-MS16-018-1a59a556-49d1-437d-bf5d-554db402ccf0
  • WINDOWS-HOTFIX-MS16-018-34269ae1-5653-4933-a76c-8cffc258ed0a
  • WINDOWS-HOTFIX-MS16-018-3f56cdb6-cd89-43ae-81c6-cffa664c5da1
  • WINDOWS-HOTFIX-MS16-018-5f81a105-8c1e-4666-be51-a044b0d34a19
  • WINDOWS-HOTFIX-MS16-018-65f0e2d0-ae91-4402-85a5-6f0a9b0fdd98
  • WINDOWS-HOTFIX-MS16-018-66debd41-94d4-41b3-8499-8faeb97fabb6
  • WINDOWS-HOTFIX-MS16-018-6b9c5193-fdf8-4b10-9991-49a8e927ec34
  • WINDOWS-HOTFIX-MS16-018-70515840-29a5-4cde-8fa7-6749898505f9
  • WINDOWS-HOTFIX-MS16-018-84489e05-a250-47a8-a6b0-5a5496594937
  • WINDOWS-HOTFIX-MS16-018-bd1ddbb5-de88-45b3-85a8-067ff7870bd4
  • WINDOWS-HOTFIX-MS16-018-bf294fd8-7425-4187-98a2-8d78776c38cc
  • WINDOWS-HOTFIX-MS16-018-c1570595-1171-4035-a666-72ae164fd183
  • WINDOWS-HOTFIX-MS16-018-d85bab14-266f-4416-9181-ff6dc7dfe4ec
  • WINDOWS-HOTFIX-MS16-018-f2884993-c678-458f-8779-1a40bc747e36
  • WINDOWS-HOTFIX-MS16-018-f2b8a6be-da59-470a-9741-82252603c7b8

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
  • Lightweight Endpoint Agent
  • Live Dashboards
  • Real Risk Prioritization
  • IT-Integrated Remediation Projects
  • Cloud, Virtual, and Container Assessment
  • Integrated Threat Feeds
  • Easy-to-Use RESTful API
  • Automation-Assisted Patching
  • Automated Containment
Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;