Cybersecurity Alerts

Actively Exploited Vulnerabilities

← Back to Cybersecurity Alerts

CVE-2016-0151

Microsoft | Client-Server Run-time Subsystem (CSRSS)Added 2022-03-28Remediation Deadline 2022-04-18Active Ransomware Campaign

Microsoft Windows CSRSS Security Feature Bypass Vulnerability

The Client-Server Run-time Subsystem (CSRSS) in Microsoft mismanages process tokens, which allows local users to gain privileges via a crafted application.

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-264

References