CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: Mar 24, 2022
High
CISA KEVRansomwareCVE-2016-0099
Microsoft—Windows
A privilege escalation vulnerability exists in Microsoft Windows if the Windows Secondary Logon Service fails to properly manage request handles in memory. An attacker who successfully exploited this vulnerability could run arbitrary code as an administrator.
Required Action
https://nvd.nist.gov/vuln/detail/CVE-2016-0099
Vulnerability Overview
- Severity
- High
- CISA KEV
- Yes
- Ransomware
- Known
- Published
- Mar 3, 2022
- KEV Added
- Mar 3, 2022
- Due Date
- Mar 24, 2022
- Related Articles
- 0
Vendor
Microsoft
Windows