Cybersecurity Alerts

Actively Exploited Vulnerabilities

← Back to Cybersecurity Alerts

CVE-2016-0099

Microsoft | WindowsAdded 2022-03-03Remediation Deadline 2022-03-24Active Ransomware Campaign

Microsoft Windows Secondary Logon Service Privilege Escalation Vulnerability

A privilege escalation vulnerability exists in Microsoft Windows if the Windows Secondary Logon Service fails to properly manage request handles in memory. An attacker who successfully exploited this vulnerability could run arbitrary code as an administrator.

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-264

References