virus logo Intrusion Prevention

MS.Windows.Kernel.Structure.Initialization.Privilege.Escalation

description-logoDescription

This indicates an attack attempt to exploit a Privilege Escalation vulnerability in Microsoft Windows.
The vulnerability is due to an error when the vulnerable software handles a maliciously crafted application file. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application, via a crafted application file.

affected-products-logoAffected Products

Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (3168965)
Windows Server 2008 for x64-based Systems Service Pack 2 (3168965)
Windows Server 2008 for Itanium-based Systems Service Pack 2 (3168965)
Windows 7 for 32-bit Systems Service Pack 1 (3168965)
Windows 7 for x64-based Systems Service Pack 1 (3168965)
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (3168965)
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 (3168965)
Windows 8.1 for 32-bit Systems (3168965)
Windows 8.1 for x64-based Systems (3168965)
Windows Server 2012 (3168965)
Windows Server 2012 R2 (3168965)
Windows RT 8.1 (3168965)
Windows 10 for 32-bit Systems (3163912)
Windows 10 for x64-based Systems (3163912)
Windows 10 Version 1511 for 32-bit Systems (3172985)
Windows 10 Version 1511 for x64-based Systems (3172985)
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) (3168965)
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) (3168965)
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) (3168965)
Windows Server 2012 (Server Core installation) (3168965)
Windows Server 2012 R2 (Server Core installation) (3168965)

Impact logoImpact

Privilege Escalation: Remote attackers can leverage their privileges on vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
http://technet.microsoft.com/security/bulletin/MS16-090

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)
ID 42714
Created Jul 12, 2016
Updated Feb 27, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
CVE ID CVE-2016-3249
Exploit Prediction Score 0.08%
Default Action drop
Active
Affected OS Windows
Affected App Other