CVE-2016-7216
published 2016-11-10CVE-2016-7216: The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 mishandles permissions, which allows local users to gain…
PriorityP434medium5.5CVSS 3.0
AVLACLPRLUINSUCHINAN
EXPLOIT
EPSS
4.14%
89.6th percentile
The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 mishandles permissions, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Elevation of Privilege Vulnerability."
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_server_2008 | — | — |
| msrc | windows_7_for_32-bit_systems_service_pack_1 | — | — |
| msrc | windows_7_for_x64-based_systems_service_pack_1 | — | — |
| msrc | windows_server_2008_for_32-bit_systems_service_pack_2 | — | — |
| msrc | windows_server_2008_for_itanium-based_systems_service_pack_2 | — | — |
| msrc | windows_server_2008_for_x64-based_systems_service_pack_2 | — | — |
| msrc | windows_server_2008_r2_for_itanium-based_systems_service_pack_1 | — | — |
| msrc | windows_server_2008_r2_for_x64-based_systems_service_pack_1 | — | — |
| msrc | windows_vista_service_pack_2 | — | — |
| msrc | windows_vista_x64_edition_service_pack_2 | — | — |
CVSS provenance
nvdv3.05.5MEDIUMCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvdv2.02.1LOWAV:L/AC:L/Au:N/C:P/I:N/A:N
vendor_msrc6.5MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Microsoft
Windows Elevation of Privilege Vulnerability
vendor_msrc·2016-11-08·CVSS 6.5
CVE-2016-7216 [MEDIUM] Windows Elevation of Privilege Vulnerability
Windows Elevation of Privilege Vulnerability
Description: An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions. An attacker who successfully exploited the vulnerability could impersonate processes, interject cross-process communication, or interrupt system functionality.
To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.
The security update addresses the vulnerability by helping to ensure that the Windows Kernel API properly enforces permissions.
Windows Kernel: Windows Kernel
Impact: Elevation of Privilege
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:N/A;Older Software Release:Exploitation Less Likely;DOS:N/A
Reference: https://catalog.update.micr
GHSA
GHSA-vx2m-r4vc-jvvr: The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 mishandles permissions, which allows local users
ghsa_unreviewed·2022-05-14
CVE-2016-7216 [MEDIUM] CWE-200 GHSA-vx2m-r4vc-jvvr: The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 mishandles permissions, which allows local users
The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 mishandles permissions, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Elevation of Privilege Vulnerability."
No detection rules found.
Talos
Microsoft Patch Tuesday - November 2016
blogs_talos·2016-11-08
Microsoft Patch Tuesday - November 2016
## Microsoft Patch Tuesday - November 2016
Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. For a detailed explanaiton of each of the categories listed below, please go to https://technet.microsoft.com/en-us/security/gg309177.aspx .
This month's release is packed full of goodies, but you don't want to wait to review them over Thanksgiving dinner as there are 14 unique bulletins addressing multiple vulnerabilities.
Critical bulletins address vulnerabilities in (alphabetically):
Adobe Flash Player
Edge
Graphics Component
Internet Explorer
Video Control
Windows The remaining bulletins are rated Important or Moderate and address vulnerabilities in the following products (listed alphabetically):
B
Talos
Microsoft Patch Tuesday - November 2016
blogs_talos·2016-11-08
Microsoft Patch Tuesday - November 2016
Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. For a detailed explanaiton of each of the categories listed below, please go to https://technet.microsoft.com/en-us/security/gg309177.aspx.
This month's release is packed full of goodies, but you don't want to wait to review them over Thanksgiving dinner as there are 14 unique bulletins addressing multiple vulnerabilities.
Critical bulletins address vulnerabilities in (alphabetically):
- Adobe Flash Player
- Edge
- Graphics Component
- Internet Explorer
- Video Control
- Windows
The remaining bulletins are rated Important or Moderate and address vulnerabilities in the following products (listed alphabetically):
- Boot Manager*
- Common Log File System
http://www.securityfocus.com/bid/94048http://www.securitytracker.com/id/1037253https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-139https://www.exploit-db.com/exploits/40766/http://www.securityfocus.com/bid/94048http://www.securitytracker.com/id/1037253https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-139https://www.exploit-db.com/exploits/40766/
2016-11-10
Published