Microsoft WPAD CVE-2016-3213 Elevation of Privilege Vulnerability

description-logoDescription

An elevation of privilege vulnerability exists in Microsoft Windows when the Web Proxy Auto Discovery (WPAD) protocol falls back to a vulnerable proxy discovery process. An attacker who successfully exploited this vulnerability could bypass security and gain elevated privileges on a targeted system. To exploit the vulnerability, an attacker could respond to NetBIOS name requests for WPAD. The update addresses the vulnerability by correcting how Windows handles proxy discovery.

affected-products-logoAffected Applications

Windows RT 8.1
Windows Vista x64 Edition Service Pack 2
Internet Explorer 9
Windows Server 2012
Internet Explorer 11
Windows 8
Windows Server 2008
Windows 10
Windows 7
Windows Vista Service Pack 2

CVE References

CVE-2016-3213