PT-2016-2001 · Microsoft · Windows Server 2012 R2+5
Published
2016-05-10
·
Updated
2018-10-12
·
CVE-2016-0179
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Windows Shell versions in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 Gold and 1511
Description
The issue is related to insufficient access control in the Windows Shell component of the Windows operating system. It allows a remote attacker to execute arbitrary code by using a specially crafted website. This can potentially affect the system.
Recommendations
For Windows Shell in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 Gold and 1511, consider restricting access to the Windows Shell until a patch is available.
As a temporary workaround, avoid using specially crafted websites that could exploit the vulnerability in the Windows Shell component.
Fix
RCE
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Windows
Windows 10
Windows 8.1
Windows Rt 8.1
Windows Server 2012 R2
Windows Shell