Endpoint Vulnerability

Microsoft: Windows NetLogon Memory Corruption Remote Code Execution Vulnerability

Description

This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution when Windows improperly handles objects in memory. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. To exploit the vulnerability, a domain-authenticated attacker could make a specially crafted NetLogon request to a domain controller. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. This update corrects how Windows handles objects in memory to prevent corruption.

Affected Products

Windows Server 2008,Windows Server 2012

References

CVE-2016-3228,