← ExploitWatch
HomeExploited Vulnerabilities

CVE-2016-0099 — Actively Exploited: Windows (Microsoft)

A privilege escalation vulnerability exists in Microsoft Windows if the Windows Secondary Logon Service fails to properly manage request handles in memory. An attacker who successfully exploited this vulnerability could run arbitrary code as an administrator.

CVE IDCVE-2016-0099
VendorMicrosoft
ProductWindows
Vulnerability nameMicrosoft Windows Secondary Logon Service Privilege Escalation Vulnerability
Date added2022-03-03
Remediation due2022-03-24
Known ransomware useKnown
Required actionApply updates per vendor instructions.
DescriptionA privilege escalation vulnerability exists in Microsoft Windows if the Windows Secondary Logon Service fails to properly manage request handles in memory. An attacker who successfully exploited this vulnerability could run arbitrary code as an administrator.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →