vulnerability
MS16-046: Security Update for Secondary Logon (3148538)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:L/AC:L/Au:N/C:C/I:C/A:C) | Apr 12, 2016 | Apr 12, 2016 | Nov 18, 2021 |
Severity
4
CVSS
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published
Apr 12, 2016
Added
Apr 12, 2016
Modified
Nov 18, 2021
Description
An elevation of privilege vulnerability exists in Microsoft Windows when the Windows Secondary Logon Service fails to properly manage requests in memory. An attacker who successfully exploited this vulnerability could run arbitrary code as an administrator. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Solutions
WINDOWS-HOTFIX-MS16-037-1f7b2d51-98a1-4240-a636-8096fa0308c3WINDOWS-HOTFIX-MS16-037-34515df7-3d11-4fa9-98ad-77c6f0dafc2aWINDOWS-HOTFIX-MS16-037-45da2895-fcf0-4175-a533-e0fda3dbc081WINDOWS-HOTFIX-MS16-037-4d0814f6-9f22-43aa-b23c-f6243b1e1f4a
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.