CVE-2016-3228

Name of the Vulnerable Software and Affected Versions Microsoft Windows Server 2008 SP2 and R2 SP1 Microsoft Windows Server 2012 Gold and R2

Description The issue exists due to insufficient input validation in the Windows operating system. Exploitation of this issue may allow a remote attacker to execute arbitrary code using a specially crafted NetLogon request. This can enable remote authenticated users to execute arbitrary code.

Recommendations For Microsoft Windows Server 2008 SP2 and R2 SP1, consider restricting access to the NetLogon request until a patch is available. For Microsoft Windows Server 2012 Gold and R2, consider disabling the vulnerable component related to the NetLogon request as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.