Oval Definition:	oval:org.cisecurity:def:883
Revision Date: 2016-07-29 Version: 30 Title: Windows Netlogon Memory Corruption Remote Code Execution Vulnerability – CVE-2016-3228 (MS16-076) Description: Microsoft Windows Server 2008 SP2 and R2 SP1 and Windows Server 2012 Gold and R2 allow remote authenticated users to execute arbitrary code via a crafted NetLogon request, aka "Windows Netlogon Memory Corruption Remote Code Execution Vulnerability." Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2016-3228 Platform(s): Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Product(s): Definition Synopsis Microsoft Windows Server 2008 is installed + file version Microsoft Windows Windows Server 2008 is installed Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed OR Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed OR Microsoft Windows Server 2008 Itanium-Based Edition Service Pack 2 is installed AND Check for file version Check if wdigest.dll version is less than 6.0.6002.19659 OR Check for Limited Distribution Release (LDR) file version Check if wdigest.dll version is greater than or equal to 6.0.6002.23000 AND Check if wdigest.dll version is less than 6.0.6002.23974 OR Microsoft Server 2008 R2 is installed + file version Microsoft Server 2008 R2 is installed Microsoft Windows Server 2008 R2 x64 Service Pack 1 is installed OR Microsoft Windows Server 2008 R2 Itanium-Based Edition Service Pack 1 is installed AND Check if wdigest.dll version is less than 6.1.7601.23452 OR Microsoft Windows Server 2012 R2 is installed + file version Microsoft Windows Server 2012 R2 is installed AND Check if wdigest.dll version is less than 6.3.9600.18334 OR Microsoft Windows Server 2012 is installed + file version Microsoft Windows Server 2012 (64-bit) is installed AND Check if wdigest.dll version is less than 6.2.9200.21858
BACK