Endpoint Vulnerability

Microsoft: RPC Network Data Representation Engine Remote Code Execution Vulnerability

Description

A remote code execution vulnerability exists in the way Microsoft Windows handles specially crafted Remote Procedure Call (RPC) requests. The remote code execution can occur when the RPC Network Data Representation (NDR) Engine improperly frees memory. An authenticated attacker who successfully exploited this vulnerability could execute arbitrary code and take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. An authenticated attacker could exploit the vulnerability by making malformed RPC requests to an affected host. The update addresses this vulnerability by modifying the way that Microsoft Windows handles RPC messages.

Affected Products

Windows RT 8.1,Windows Vista x64 Edition Service Pack 2,Windows Server 2012,Windows 8,Windows 7,Windows 10,Windows Server 2008,Windows Vista Service Pack 2

References

CVE-2016-0178,