Rapid7 Vulnerability & Exploit Database

MS16-077: Security Update for WPAD (3165191)

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

MS16-077: Security Update for WPAD (3165191)

Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
06/14/2016
Created
07/25/2018
Added
06/14/2016
Modified
11/18/2021

Description

An elevation of privilege vulnerability exists in Microsoft Windows when the Web Proxy Auto Discovery (WPAD) protocol falls back to a vulnerable proxy discovery process. An attacker who successfully exploited this vulnerability could bypass security and gain elevated privileges on a targeted system.

Solution(s)

  • WINDOWS-HOTFIX-MS16-063-47554aba-fd2f-4db4-aa7f-8530e5208b56
  • WINDOWS-HOTFIX-MS16-063-76158f6b-7833-4cd0-8e20-fcf6a7576a7c
  • WINDOWS-HOTFIX-MS16-063-7d7b8580-ff44-4dc9-9795-13563702cfb8
  • WINDOWS-HOTFIX-MS16-063-d2f6b85d-f62d-4ad4-81e4-ee7738642c90
  • WINDOWS-HOTFIX-MS16-077-128f63c6-d74b-4e8d-817e-f432bfe9df73
  • WINDOWS-HOTFIX-MS16-077-25c0fd19-d4e4-4af5-aad9-f308dde496d5
  • WINDOWS-HOTFIX-MS16-077-2763e5ad-50cd-491a-b362-439e562fde08
  • WINDOWS-HOTFIX-MS16-077-32e6bfca-8972-445e-bd59-2a95f32c6092
  • WINDOWS-HOTFIX-MS16-077-34ebf312-0831-4d79-8beb-0b9e713bac18
  • WINDOWS-HOTFIX-MS16-077-4e4888e4-46d4-4a9a-9327-def1f1aaad99
  • WINDOWS-HOTFIX-MS16-077-56989b34-704b-4a90-8c28-b432c53e54bc
  • WINDOWS-HOTFIX-MS16-077-5bc0e07b-33ca-4ea2-8253-4f0dcd26783a
  • WINDOWS-HOTFIX-MS16-077-6033c60b-3828-4280-ba3f-a5760286ce69
  • WINDOWS-HOTFIX-MS16-077-67a00639-09a1-4c5f-83ff-394e7601fc03
  • WINDOWS-HOTFIX-MS16-077-6d6489a8-8c72-4889-85af-e420e664fa81
  • WINDOWS-HOTFIX-MS16-077-7445554a-53b9-44d6-8075-c09cbec65dc9
  • WINDOWS-HOTFIX-MS16-077-74ae0908-f0c2-4432-9c8f-b85e688cedde
  • WINDOWS-HOTFIX-MS16-077-89093b04-90be-48a2-acc6-be8838675fb3
  • WINDOWS-HOTFIX-MS16-077-89945e0d-013c-4e3c-b058-1a3be952e3b7
  • WINDOWS-HOTFIX-MS16-077-9284e4ef-8efb-43e9-b1ed-a34fc31ee9c8
  • WINDOWS-HOTFIX-MS16-077-c83a6007-40f0-4ef1-9532-ac02ff0cf3ef
  • WINDOWS-HOTFIX-MS16-077-ee0f8252-5299-4a78-9f6f-c93940749254

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;