vulnerability
MS16-067: Security Update for Volume Manager Driver (3155784)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 2 | (AV:L/AC:L/Au:N/C:P/I:N/A:N) | May 10, 2016 | May 10, 2016 | Jun 26, 2020 |
Severity
2
CVSS
(AV:L/AC:L/Au:N/C:P/I:N/A:N)
Published
May 10, 2016
Added
May 10, 2016
Modified
Jun 26, 2020
Description
An information disclosure vulnerability exists in Microsoft Windows when a USB disk mounted over Remote Desktop Protocol (RDP) via Microsoft RemoteFX is not correctly tied to the session of the mounting user. An attacker who successfully exploited this vulnerability could obtain access to file and directory information on the mounting userâs USB disk. This update addresses the vulnerability by ensuring that access to USB disks over RDP is correctly enforced to prevent non-mounting session access.
Solution(s)
WINDOWS-HOTFIX-MS16-067-1988531e-c23d-4ee7-9461-6fca037d7e32WINDOWS-HOTFIX-MS16-067-1f274a40-2a12-406e-b3df-b5ef13ffa353WINDOWS-HOTFIX-MS16-067-20d1a457-eca7-488d-a870-96d7374cb436WINDOWS-HOTFIX-MS16-067-3c2a8a09-806d-4fe0-a786-34bff45fc354WINDOWS-HOTFIX-MS16-067-4480cfce-5328-439b-801a-596b676f5597WINDOWS-HOTFIX-MS16-067-c25370f3-1d00-4ce8-be8c-381fbf754b40
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.