| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| MS16-081 | Security Update for Active Directory (3160352) | Windows Server | Important | 15-06-2016 |
Technical Information
Brief overview of the risk:
This security update resolves a vulnerability in Active Directory. The vulnerability could allow denial of service if an authenticated attacker creates multiple machine accounts. To exploit the vulnerability an attacker must have an account that has privileges to join machines to the domain.
Detailed Information on the risk:
A denial of service vulnerability exists in Active Directory when an authenticated attacker creates multiple machine accounts. An attacker who successfully exploited this vulnerability could cause the Active Directory service to become non-responsive.
To exploit this vulnerability an attacker must have valid credentials. An attacker could exploit this vulnerability by creating multiple machine accounts, resulting in denial of service. The update addresses the vulnerability by correcting how machine accounts are created.
Windows Server 2008 R2To exploit this vulnerability an attacker must have valid credentials. An attacker could exploit this vulnerability by creating multiple machine accounts, resulting in denial of service. The update addresses the vulnerability by correcting how machine accounts are created.
Further information on this exploit is available at : MS16-081
Windows Server 2012
Windows Server 2012 R2
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Affected Software
Windows Server 2008 R2Windows Server 2012
Windows Server 2012 R2
Windows Server 2008 R2 for x64-based Systems Service Pack 1