<< Back
CVE Number Vulnerability Product Severity Date
MS16-130 Security Update for Microsoft Windows (3199172) Windows10for32-bitSystems Critical 09-11-2016

Technical Information

Brief overview of the risk:
An elevation of privilege vulnerability exists in Windows when Windows Input Method Editor (IME) improperly handles DLL loading.


Detailed Information on the risk:

This security update addresses an elevation of privilege vulnerability in the Windows Task Scheduler. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges.
To exploit the vulnerability, a locally authenticated attacker could use Windows Task Scheduler to schedule a new task with a malicious UNC path.

Further information on this exploit is available at : MS16-130

Windows10for32-bitSystems
Windows10forx64-basedSystems
Windows10Version1511for32-bitSystems
Windows10Version1511forx64-basedSystems
Windows10Version1607for32-bitSystems
Windows10Version1607forx64-basedSystems
Windows7for32-bitSystemsServicePack1
Windows7forx64-basedSystemsServicePack1
Windows8.1for32-bitSystems
Windows8.1forx64-basedSystems
WindowsServer2008for32-bitSystemsServicePack2
WindowsServer2008for32-bitSystemsServicePack2(ServerCoreinstallation)
WindowsServer2008forItanium-basedSystemsServicePack2
WindowsServer2008forx64-basedSystemsServicePack2
WindowsServer2008forx64-basedSystemsServicePack2(ServerCoreinstallation)
WindowsServer2008R2forx64-basedSystemsServicePack1
WindowsServer2008R2forx64-basedSystemsServicePack1(ServerCoreinstallation)
WindowsServer2012(ServerCoreinstallation)
WindowsServer2012andWindowsServer2012R2
WindowsServer2012R2(ServerCoreinstallation)
WindowsServer2016forx64-basedSystems
WindowsVistaServicePack2
WindowsVistax64EditionServicePack2

Affected Software

Windows10for32-bitSystems
Windows10forx64-basedSystems
Windows10Version1511for32-bitSystems
Windows10Version1511forx64-basedSystems
Windows10Version1607for32-bitSystems
Windows10Version1607forx64-basedSystems
Windows7for32-bitSystemsServicePack1
Windows7forx64-basedSystemsServicePack1
Windows8.1for32-bitSystems
Windows8.1forx64-basedSystems
WindowsServer2008for32-bitSystemsServicePack2
WindowsServer2008for32-bitSystemsServicePack2(ServerCoreinstallation)
WindowsServer2008forItanium-basedSystemsServicePack2
WindowsServer2008forx64-basedSystemsServicePack2
WindowsServer2008forx64-basedSystemsServicePack2(ServerCoreinstallation)
WindowsServer2008R2forx64-basedSystemsServicePack1
WindowsServer2008R2forx64-basedSystemsServicePack1(ServerCoreinstallation)
WindowsServer2012(ServerCoreinstallation)
WindowsServer2012andWindowsServer2012R2
WindowsServer2012R2(ServerCoreinstallation)
WindowsServer2016forx64-basedSystems
WindowsVistaServicePack2
WindowsVistax64EditionServicePack2