This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.
The remote Windows host is affected by multiple vulnerabilities.
The remote Windows host is affected by the following
- Multiple elevation of privilege vulnerabilities exist in
the Windows kernel due to improper handling of objects
in memory. A local attacker can exploit these
vulnerabilities, via a specially crafted application, to
execute arbitrary code in kernel mode. (CVE-2015-2549,
- A security feature bypass vulnerability exists due to a
failure to properly enforce the Windows Trusted Boot
policy. A local attacker can exploit this, via a
specially crafted Boot Configuration Data (BCD) setting,
to disable code integrity checks, resulting in the
execution of test-signed executables and drivers.
Additionally, a local attacker can exploit this
vulnerability to bypass Trusted Boot integrity
validation for BitLocker and Device Encryption security
- An elevation of privilege vulnerability exists due to
improper validation of junctions in certain scenarios in
which mount points are being created. An
unauthenticated, remote attacker can exploit this in
conjunction with another vulnerability to execute
arbitrary code in the context of the current user.
See also :
Microsoft has released a set of patches for Windows Vista, 2008, 7,
2008 R2, 8, RT, 2012, 8.1, RT 8.1, 2012 R2, and 10.
Risk factor :
High / CVSS Base Score : 9.0
CVSS Temporal Score : 7.0
Public Exploit Available : true
Family: Windows : Microsoft Bulletins
Nessus Plugin ID: 86373 ()
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now