Rapid7 Vulnerability & Exploit Database

MS16-110: Security Update for Microsoft Windows (3178467)

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

MS16-110: Security Update for Microsoft Windows (3178467)

Severity
9
CVSS
(AV:N/AC:L/Au:S/C:C/I:C/A:C)
Published
09/13/2016
Created
07/25/2018
Added
09/13/2016
Modified
11/18/2021

Description

An elevation of privilege vulnerability exists in the way that Windows enforces permissions if an attacker loads a specially crafted DLL. A locally-authenticated attacker who successfully exploited this vulnerability could run arbitrary code as a system administrator. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Solution(s)

  • WINDOWS-HOTFIX-MS16-104-28f23bdb-daf7-47ea-80dd-6e203f0b2a74
  • WINDOWS-HOTFIX-MS16-104-ebfeea9b-f063-411e-8e11-021d589ba04b
  • WINDOWS-HOTFIX-MS16-110-0ee18cc6-bed3-4558-9bd3-88d4b42f46e8
  • WINDOWS-HOTFIX-MS16-110-12ca8b4e-22d2-4ece-8cbf-9b243c574549
  • WINDOWS-HOTFIX-MS16-110-5a65781c-b680-49b9-8250-c6e864558770
  • WINDOWS-HOTFIX-MS16-110-5c9e48e9-eac3-44ff-ad9d-ef4d5f1a9353
  • WINDOWS-HOTFIX-MS16-110-64202eb9-e9f0-4d93-b908-158436883a94
  • WINDOWS-HOTFIX-MS16-110-8544aaef-9b39-4770-a1ce-393c6fa70de8
  • WINDOWS-HOTFIX-MS16-110-8b314103-7382-4c65-8679-135d24dc8966
  • WINDOWS-HOTFIX-MS16-110-91dc998e-1832-41bb-b2b7-d2e1a6e02ced
  • WINDOWS-HOTFIX-MS16-110-9e14709f-0459-4659-a01d-c454593a5db1
  • WINDOWS-HOTFIX-MS16-110-a2715e0c-46e3-44eb-8c6d-4d676028180a
  • WINDOWS-HOTFIX-MS16-110-c3ca1b90-a3aa-4ae0-90fc-868f51960b94
  • WINDOWS-HOTFIX-MS16-110-d622005d-03d5-46b9-b082-9aa33d130e43
  • WINDOWS-HOTFIX-MS16-110-da172bc8-88a5-487c-88f3-d7a3f40d01f1
  • WINDOWS-HOTFIX-MS16-110-e92afb19-0bce-4e67-92dc-6744882a40b6
  • WINDOWS-HOTFIX-MS16-110-ebdf02c6-70d0-491b-ba64-1270eae508f8
  • WINDOWS-HOTFIX-MS16-110-f0229bb9-8681-40ab-a1cf-c29b5ce64f90
  • WINDOWS-HOTFIX-MS16-110-f899dee9-8ba5-46cd-8068-03df39821f44

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;