| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| MS16-025 | Security Update for Windows Library Loading to Address Remote Code Execution (3140709) | Windows Vista | Important | 09-03-2016 |
Technical Information
Brief overview of the risk:
The vulnerability could allow remote code execution if Microsoft Windows fails to properly validate input before loading certain libraries.
Detailed Information on the risk:
A remote code execution vulnerability exists when Microsoft Windows fails to properly validate input before loading certain libraries. An attacker who successfully exploited this vulnerability could take complete control of an affected system.
To exploit the vulnerability, an attacker must first gain access to the local system and have the ability to execute a malicious application. The update corrects how Windows validates input when loading certain libraries.
Windows Vista Service Pack 2 To exploit the vulnerability, an attacker must first gain access to the local system and have the ability to execute a malicious application. The update corrects how Windows validates input when loading certain libraries.
Further information on this exploit is available at : MS16-025
Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Affected Software
Windows Vista Service Pack 2Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)