MS16-138: Security Update for Microsoft Virtual Hard Disk Driver (3199647)
High Nessus Plugin ID 94639
SynopsisThe remote host is affected by multiple elevation of privilege vulnerabilities.
DescriptionThe remote Windows host is missing a security update. It is, therefore, affected by multiple elevation of privilege vulnerabilities in the Windows Virtual Hard Disk Driver due to improper handling of user access to certain files. A local attacker can exploit these, via a specially crafted application, to manipulate files not intended to be available to the user.
SolutionMicrosoft has released a set of patches for Windows 2012, 8.1, RT 8.1, 2012 R2, 10, and 2016.