PT-2016-2178 · Microsoft · Windows Vista+7

Nabeel Ahmed +1 · Published 2016-06-14 · Updated 2018-10-12 · CVE-2016-3223

CVSS v2.0: 9.3 (High)
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Microsoft Windows versions prior to the fixed version

Description

The issue is related to errors in LDAP authentication handling, which can be exploited by man-in-the-middle attackers to gain privileges. This is achieved by modifying group-policy update data within a domain-controller data stream. The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited. Technical details about exploitation include the manipulation of LDAP authentication, allowing attackers to elevate their privileges.

Recommendations

For Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511, update to a version that includes the fix for the LDAP authentication handling issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit


Weakness Enumeration

Related Identifiers

BDU:2016-01531
CVE-2016-3223

Affected Products

Windows
Windows 10
Windows 7
Windows 8.1
Windows RT 8.1
Windows Server 2008
Windows Server 2012
Windows Vista