CVE-2016-0180

Name of the Vulnerable Software and Affected Versions Windows Vista SP2 Windows Server 2008 SP2 and R2 SP1 Windows 7 SP1 Windows 8.1 Windows Server 2012 Gold and R2 Windows RT 8.1 Windows 10 Gold and 1511

Description The issue is related to the mishandling of symbolic links by the kernel in Windows, allowing local users to gain privileges via a crafted application. This is due to insufficient access restrictions in the operating system. The vulnerability can be exploited by an attacker to elevate their privileges.

Recommendations For Windows Vista SP2, update to a newer version to mitigate the risk. For Windows Server 2008 SP2 and R2 SP1, update to a newer version to mitigate the risk. For Windows 7 SP1, update to a newer version to mitigate the risk. For Windows 8.1, update to a newer version to mitigate the risk. For Windows Server 2012 Gold and R2, update to a newer version to mitigate the risk. For Windows RT 8.1, update to a newer version to mitigate the risk. For Windows 10 Gold and 1511, update to a newer version to mitigate the risk. As a temporary workaround, consider restricting access to symbolic links to minimize the risk of exploitation.