CVE-2016-0099 | Microsoft Windows Vista SP2 up to Server 2012 R2 Secondary Login CreateProcessWithToken/CreateProcessWithLogon access control (MS16-032 / EDB-39574)
A vulnerability was found in Microsoft Windows Vista SP2 up to Server 2012 R2. It has been rated as critical. Affected by this issue is the function CreateProcessWithToken/CreateProcessWithLogon of the component Secondary Login. The manipulation leads to improper access controls.
This vulnerability is handled as CVE-2016-0099. Attacking locally is a requirement. Furthermore, there is an exploit available.
It is recommended to apply a patch to fix this issue.