MS16-153: Security update for Common Log File System driver: December 13, 2016

Summary

This security update resolves a vulnerability in Microsoft Windows that could allow information disclosure when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. In a local attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to bypass security measures on the affected system, thereby allowing further exploitation.

To learn more about the vulnerability, see Microsoft Security Bulletin MS16-153.

More Information

Important
  • All future security and non-security updates for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 require update 2919355 to be installed. We recommend that you install update 2919355 on your Windows RT 8.1-based, Windows 8.1-based, or Windows Server 2012 R2-based computer so that you receive future updates.
  • If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.

Additional information about this security update


The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information.
  • 3203838 MS16-153: Security update for common log file system driver: December 13, 2016
  • 3205400 December 2016 Security Only Quality Update for Windows 8.1 and Windows Server 2012 R2
  • 3205401 December 2016 Security Monthly Quality Rollup for Windows 8.1 and Windows Server 2012 R2
  • 3205408 December 2016 Security Only Quality Update for Windows Server 2012
  • 3205409 December 2016 Security Monthly Quality Rollup for Windows Server 2012
  • 3205394 December 2016 Security Only Quality Update for Windows 7 SP1 and Windows Server 2008 R2 SP1
  • 3207752 December 2016 Security Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1
Additionally, see the following articles for more information about Windows 10, Windows 10 version 1511, Windows 10 version 1607, and Windows Server 2016: 

More Information

Security update deployment information
How to obtain help and support for this security update
Properties

Article ID: 3207328 - Last Review: Dec 13, 2016 - Revision: 1

Feedback