Microsoft Windows Information Disclosure Vulnerability (CVE-2016-3352)
2016年9月15日
危険度: 緊急
概要
An information disclosure vulnerability exists when Windows fails to properly validate NTLM Single Sign-On (SSO) requests during Microsoft Account (MSA) login sessions. To exploit the vulnerability, an attacker would have to trick a user into browsing to a malicious web site or UNC path, or convince a user to load a malicious document that initiates an NTLM SSO validation request without the consent of the user.
トレンドマイクロの対策
Apply associated Trend Micro DPI Rules.
対応方法
Trend Micro Deep Security DPI Rule Number: 1007931