FortiClient VulnerabilityMicrosoft RPC Network Data Representation Engine CVE-2016-0178 Remote Code Execution Vulnerability
Description
A remote code execution vulnerability exists in the way Microsoft Windows handles specially crafted Remote Procedure Call (RPC) requests. The remote code execution can occur when the RPC Network Data Representation (NDR) Engine improperly frees memory. An authenticated attacker who successfully exploited this vulnerability could execute arbitrary code and take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. An authenticated attacker could exploit the vulnerability by making malformed RPC requests to an affected host. The update addresses this vulnerability by modifying the way that Microsoft Windows handles RPC messages.
Affected Applications
Windows RT 8.1
Windows Vista x64 Edition Service Pack 2
Windows Server 2012
Windows 8
Windows 7
Windows 10
Windows Server 2008
Windows Vista Service Pack 2
CVE References
CVE-2016-0178Other References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-0178| ID | 55890 |
| Created | Dec 11, 2018 |
| Description Updated |
Dec 21, 2023 |
| Risk |
|
| Coverage | FortiClient |
| OS | Windows |
| Vendor | Microsoft |
| Patch | auto |
| Application | Windows RT 8.1 , Windows Vista x64 Edition Service Pack 2 , Windows Server 2012 , Windows 8 , Windows 7 , Windows 10 , Windows Server 2008 , Windows Vista Service Pack 2 |