| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| MS16-112 | Security Update for Windows Lock Screen (3178469) | Windows 8.1 | Important | 14-09-2016 |
Technical Information
Brief overview of the risk:
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if Windows improperly allows web content to load from the Windows lock screen.
Detailed Information on the risk:
An elevation of privilege vulnerability exists when Windows improperly allows web content to load from the Windows lock screen. To exploit the vulnerability, an attacker with physical access to a userÆs computer could either connect to a maliciously configured WiFi hotspot or insert a mobile broadband adaptor in the userÆs computer. An attacker who successfully exploited the vulnerability could potentially execute code on a user’s locked computer.
Windows 8.1 for 32-bit Systems Further information on this exploit is available at : MS16-112
Windows 8.1 for x64-based Systems
Windows Server 2012
Windows Server 2012 R2
Windows RT 8.1
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1511 for 32-bit Systems
Windows 10 Version 1511 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Affected Software
Windows 8.1 for 32-bit SystemsWindows 8.1 for x64-based Systems
Windows Server 2012
Windows Server 2012 R2
Windows RT 8.1
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1511 for 32-bit Systems
Windows 10 Version 1511 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems