CVE-2016-3237

Name of the Vulnerable Software and Affected Versions Microsoft Windows Vista SP2 Microsoft Windows Server 2008 SP2 and R2 SP1 Microsoft Windows 7 SP1 Microsoft Windows 8.1 Microsoft Windows Server 2012 Gold and R2 Microsoft Windows RT 8.1 Microsoft Windows 10 Gold, 1511, and 1607

Description The issue allows man-in-the-middle attackers to bypass authentication via vectors related to a fallback to NTLM authentication during a domain account password change. This is due to insufficient access restrictions in the Windows operating system, which can be exploited by a remote attacker to bypass the authentication procedure by affecting the NTLM authentication system during a domain account password change.

Recommendations For Microsoft Windows Vista SP2, update to a newer version to mitigate the risk. For Microsoft Windows Server 2008 SP2 and R2 SP1, update to a newer version to mitigate the risk. For Microsoft Windows 7 SP1, update to a newer version to mitigate the risk. For Microsoft Windows 8.1, update to a newer version to mitigate the risk. For Microsoft Windows Server 2012 Gold and R2, update to a newer version to mitigate the risk. For Microsoft Windows RT 8.1, update to a newer version to mitigate the risk. For Microsoft Windows 10 Gold, 1511, and 1607, update to a newer version to mitigate the risk. As a temporary workaround, consider restricting access to the NTLM authentication system during domain account password changes until a patch is available.