Oval Definition:	oval:org.cisecurity:def:510
Revision Date: 2016-06-13 Version: 11 Title: Remote Desktop Protocol Drive Redirection Information Disclosure Vulnerability - CVE-2016-0190 (MS16-067) Description: Volume Manager Driver in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT 8.1 does not properly check whether RemoteFX RDP USB disk accesses originate from the user who mounted a disk, which allows local users to read arbitrary files on these disks via RemoteFX requests, aka "Remote Desktop Protocol Drive Redirection Information Disclosure Vulnerability." Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2016-0190 Platform(s): Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Product(s): Definition Synopsis 2k12 + vulnerable file version Microsoft Windows Server 2012 is installed AND Check if the version of Volmgr.sys is less than 6.2.9200.21831 OR Win8.1/2k12 R2 + vulnerable file version Win8.1/2k12 R2 Microsoft Windows Server 2012 R2 is installed OR Microsoft Windows 8.1 is installed AND Check if the version of Volmgr.sys is less than 6.3.9600.18302
BACK