MS16-112: Security Update for Windows Lock Screen (3178469)
High Nessus Plugin ID 93471
SynopsisThe remote Windows host is affected by an elevation of privilege vulnerability.
DescriptionThe remote Windows host is missing a security update. It is, therefore, affected by an elevation of privilege vulnerability due to improperly allowing web content to load from the Windows lock screen.
A local attacker can exploit this, by connecting to a maliciously configured WiFi hotspot or by inserting a mobile broadband adapter, to elevate privileges and execute arbitrary code.
SolutionMicrosoft has released a set of patches for Windows 8.1, RT 8.1, 2012 R2, and 10.