CVE-2016-0099

A privilege escalation vulnerability exists in Microsoft Windows if the Windows Secondary Logon Service fails to properly manage request handles in memory. An attacker who successfully exploited this vulnerability could run arbitrary code as an administrator. Vendor/Product: Microsoft Windows. Added to CISA KEV 2022-03-03; required action: Apply updates per vendor instructions.