| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| MS16-134 | Security Update for Common Log File System Driver (3193706) | WindowsVistax64EditionServicePack2 | Important | 09-11-2016 |
Technical Information
Brief overview of the risk:
This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer.
Detailed Information on the risk:
Elevation of privilege vulnerabilities exist when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited the vulnerabilities could run processes in an elevated context.
To exploit the vulnerabilities, an attacker would first have to log on to the system, and then run a specially crafted application to take control over the affected system. The security update addresses the vulnerabilities by correcting how CLFS handles objects in memoryFurther information on this exploit is available at : MS16-134
Affected Software
WindowsVistax64EditionServicePack2WindowsVistaServicePack2
WindowsServer2016forx64-basedSystems
WindowsServer2012R2(ServerCoreinstallation)
WindowsServer2012andWindowsServer2012R2
WindowsServer2012(ServerCoreinstallation)
WindowsServer2008R2forx64-basedSystemsServicePack1(ServerCoreinstallation)
WindowsServer2008R2forx64-basedSystemsServicePack1
WindowsServer2008forx64-basedSystemsServicePack2(ServerCoreinstallation)
WindowsServer2008forx64-basedSystemsServicePack2
WindowsServer2008forItanium-basedSystemsServicePack2
WindowsServer2008for32-bitSystemsServicePack2(ServerCoreinstallation)
WindowsServer2008for32-bitSystemsServicePack2
WindowsRT8.1[1]
Windows8.1forx64-basedSystems
Windows8.1for32-bitSystems
Windows8.1
Windows7forx64-basedSystemsServicePack1
Windows7for32-bitSystemsServicePack1
Windows10Version1607forx64-basedSystems
Windows10Version1607for32-bitSystems
Windows10Version1511forx64-basedSystems
Windows10Version1511for32-bitSystems
Windows10forx64-basedSystems
Windows10for32-bitSystems