Microsoft NetLogon CVE-2016-3300 Elevation of Privilege Vulnerability

description-logoDescription

An elevation of privilege vulnerability exists when Windows Netlogon improperly establishes a secure communications channel to a domain controller. An attacker who successfully exploited the vulnerability could run a specially crafted application on a domain-joined system. To exploit the vulnerability, an attacker would require access to a domain-joined machine that points to a domain controller running either Windows Server 2012 or Windows Server 2012 R2. The update addresses the vulnerability by modifying how Netlogon handles the establishment of secure channels.

affected-products-logoAffected Applications

Windows RT 8.1
Windows Server 2012
Windows 8

CVE References

CVE-2016-3300