CVE-2016-0099 — Actively Exploited: Windows (Microsoft)
A privilege escalation vulnerability exists in Microsoft Windows if the Windows Secondary Logon Service fails to properly manage request handles in memory. An attacker who successfully exploited this vulnerability could run arbitrary code as an administrator.
| CVE ID | CVE-2016-0099 |
|---|---|
| Vendor | Microsoft |
| Product | Windows |
| Vulnerability name | Microsoft Windows Secondary Logon Service Privilege Escalation Vulnerability |
| Date added | 2022-03-03 |
| Remediation due | 2022-03-24 |
| Known ransomware use | Known |
| Required action | Apply updates per vendor instructions. |
| Description | A privilege escalation vulnerability exists in Microsoft Windows if the Windows Secondary Logon Service fails to properly manage request handles in memory. An attacker who successfully exploited this vulnerability could run arbitrary code as an administrator. |
| Source | CISA Known Exploited Vulnerabilities |
🔍 Search all exploited vulnerabilities →
$1499/mo
Try ExploitWatch →