Microsoft WPAD CVE-2016-3213 Elevation of Privilege Vulnerability
Description
An elevation of privilege vulnerability exists in Microsoft Windows when the Web Proxy Auto Discovery (WPAD) protocol falls back to a vulnerable proxy discovery process. An attacker who successfully exploited this vulnerability could bypass security and gain elevated privileges on a targeted system. To exploit the vulnerability, an attacker could respond to NetBIOS name requests for WPAD. The update addresses the vulnerability by correcting how Windows handles proxy discovery.
Affected Applications
Windows RT 8.1
Windows Vista x64 Edition Service Pack 2
Internet Explorer 9
Windows Server 2012
Internet Explorer 11
Windows 8
Windows Server 2008
Windows 10
Windows 7
Windows Vista Service Pack 2