Endpoint Vulnerability

Microsoft: NetBIOS Elevation of Privilege Vulnerability

Description

An elevation of privilege vulnerability exists in Microsoft Windows when NetBIOS improperly handles responses. An attacker who successfully exploited the vulnerability could use it to hijack network traffic or render untrusted content in a browser outside of Enhanced Protected Mode (EPM) or an application container. To exploit the vulnerability, an attacker whose system is joined to a local network could trick a user into believing that the attacker's system is a trusted network device. The update addresses the vulnerability by updating how NetBIOS validates responses.

Affected Products

Windows RT 8.1,Windows Vista x64 Edition Service Pack 2,Windows Server 2012,Windows 8,Windows 7,Windows 10,Windows Server 2008,Windows Vista Service Pack 2

References

CVE-2016-3299,