CVE-2016-0152

Name of the Vulnerable Software and Affected Versions Internet Information Services (IIS) in Microsoft Windows Vista SP2 and Server 2008 SP2

Description The issue is related to the mishandling of library loading by Internet Information Services (IIS) in Microsoft Windows, which can be exploited by local users to gain privileges via a crafted application. This can potentially allow remote attackers to execute arbitrary code and affect the system.

Recommendations For Internet Information Services (IIS) in Microsoft Windows Vista SP2 and Server 2008 SP2, consider restricting access to the system until a patch is available. As a temporary workaround, consider disabling any unnecessary library loading functionality in IIS to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.