CVE-2016-0151

The Client-Server Run-time Subsystem (CSRSS) in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mismanages process tokens, which allows local users to gain privileges via a crafted application, aka "Windows CSRSS Security Feature Bypass Vulnerability."

• http://www.securitytracker.com/id/1035544

  secure@microsoft.com Broken Link Third Party Advisory VDB Entry
• https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-048

  secure@microsoft.com Patch Vendor Advisory
• https://www.exploit-db.com/exploits/39740/

  secure@microsoft.com Exploit Third Party Advisory VDB Entry
• http://www.securitytracker.com/id/1035544

  af854a3a-2127-422b-91ae-364da2661108 Broken Link Third Party Advisory VDB Entry
• https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-048

  af854a3a-2127-422b-91ae-364da2661108 Patch Vendor Advisory
• https://www.exploit-db.com/exploits/39740/

  af854a3a-2127-422b-91ae-364da2661108 Exploit Third Party Advisory VDB Entry
• https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-0151

  134c704f-9b21-4f2e-91b3-4a467353bcc0