IRONSMITHINTEL

Microsoft Windows Server 2016 Vulnerabilities

Fix Microsoft Windows Server 2016 on Windows Server

86 entries · Windows Server · Sorted by severity

Showing 186 of 86 results

SeverityTitleCVSS
CRITICAL
KB4512517: Windows Server 2016 Security Update (August 2019)Windows Remote Desktop Services (RDP) — Wormable Pre-Auth RCE ("DejaBlue")Microsoft Windows Server 20169.8
CRITICAL
KB4512517: Windows Server 2016 Security Update (August 2019)Windows DHCP Server — Memory Corruption Denial of Service (RCE Potential)Microsoft Windows Server 20169.8
CRITICAL
KB4534271: Windows Server 2016 Security Update (January 2020)Windows Remote Desktop Gateway ("BlueGate") — Companion UDP RCE on Port 3391Microsoft Windows Server 20169.8
CRITICAL
KB5000803: Windows Server 2016 Security Update (March 2021)Windows DNS Server — Unauthenticated RCE (A heap-based buffer overflow) — Requires Dynamic UpdatesMicrosoft Windows Server 20169.8
CRITICAL
KB5008207: Windows Server 2016 Security Update (December 2021)Microsoft iSNS Server — Unauthenticated Memory-Corruption RCEMicrosoft Windows Server 20169.8
CRITICAL
KB5013952: Windows Server 2016 Security Update (May 2022)Windows LDAP — Remote Code Execution (Requires Non-Default MaxReceiveBuffer)Microsoft Windows Server 20169.8
CRITICAL
KB5014702: Windows Server 2016 Security Update (June 2022)Windows Network File System (NFS) — Unauthenticated RCE (A size-calculation error in NFSv4.1 COMPOUND requests that under-allocates the response buffer and overflows it when populating fields)Microsoft Windows Server 20169.8
CRITICAL
KB5016622: Windows Server 2016 Security Update (August 2022)Windows Point-to-Point Protocol (PPP) — Unauthenticated Network RCE on RRAS ServersMicrosoft Windows Server 20169.8
CRITICAL
KB4534271: Windows Server 2016 Security Update (January 2020)Windows Remote Desktop Gateway ("BlueGate") — Pre-Auth UDP RCE on Port 3391Microsoft Windows Server 20169.8
CRITICAL
KB5003197: Windows Server 2016 Security Update (May 2021)Hyper-V vmswitch.sys — Guest-to-Host RCE via Crafted RNDIS over VMBusMicrosoft Windows Server 20169.9
CRITICAL
KB5062560: Windows Server 2016 Security Update (July 2025)SPNEGO NEGOEX Heap-Based Buffer Overflow — Wormable Unauthenticated RCE in LSASSMicrosoft Windows Server 20169.8
CRITICAL
KB5087537: Windows Server 2016 Security Update (May 2026)Windows Netlogon Stack-Based Buffer Overflow — Unauthenticated RCE on Domain ControllersMicrosoft Windows Server 20169.8
CRITICAL
KB5046612: Windows Server 2016 Security Update (November 2024)Windows Kerberos KDC Proxy (KPSSVC) — Unauthenticated RCE via Integer OverflowMicrosoft Windows Server 20169.8
CRITICAL
KB4512517: Windows Server 2016 Security Update (August 2019)Windows Remote Desktop Services (RDP) — Wormable Pre-Auth RCE ("DejaBlue")Microsoft Windows Server 20169.8
CRITICAL
KB4471321: Windows Server 2016 Security Update (December 2018)Windows DNS Server — Unauthenticated RCE (A heap-based buffer overflow in DNS request handling) — Requires Dynamic UpdatesMicrosoft Windows Server 20169.8
CRITICAL
KB4507460: Windows Server 2016 Security Update (July 2019)Windows DHCP Server — Unauthenticated Network RCE (A memory corruption in DHCP failover packet handling)Microsoft Windows Server 20169.8
CRITICAL
KB4512517: Windows Server 2016 Security Update (August 2019)Bluetooth BR/EDR Key Negotiation ("KNOB") — Encryption Downgrade AttackMicrosoft Windows Server 20169.3
CRITICAL
KB4586830: Windows Server 2016 Security Update (November 2020)Windows Network File System (NFSv3) — Wormable Kernel Heap Overflow RCEMicrosoft Windows Server 20169.8
CRITICAL
KB4601318: Windows Server 2016 Security Update (February 2021)Windows DNS Server — Unauthenticated RCE (A heap-based buffer overflow) — Requires Dynamic UpdatesMicrosoft Windows Server 20169.8
CRITICAL
KB4601318: Windows Server 2016 Security Update (February 2021)Windows DNS Server — Unauthenticated RCE (An out-of-bounds write in dynamic-update parsing) — Requires Dynamic UpdatesMicrosoft Windows Server 20169.8
CRITICAL
KB4601318: Windows Server 2016 Security Update (February 2021)Windows TCP/IP IPv6 — Unauthenticated RCE / DoS via Crafted IPv6 PacketsMicrosoft Windows Server 20169.8
CRITICAL
KB5003638: Windows Server 2016 Security Update (June 2021)Kerberos AppContainer Security Feature Bypass — Capability Check SkippedMicrosoft Windows Server 20169.4
CRITICAL
KB5004238: Windows Server 2016 Security Update (July 2021)Windows Kernel SR-IOV — Network RCE on Servers Hosting VMs with SR-IOV DevicesMicrosoft Windows Server 20169.9
CRITICAL
KB5005043: Windows Server 2016 Security Update (August 2021)Windows TCP/IP Stack — Unauthenticated Network RCEMicrosoft Windows Server 20169.9
CRITICAL
KB5009546: Windows Server 2016 Security Update (January 2022)Windows IKE Protocol Extensions — Unauthenticated RCE (A stack-based buffer overflow in the ISAKMP VendorID payload handler (the 10-byte buffer is overflowed when a longer VendorID is sent))Microsoft Windows Server 20169.8
CRITICAL
KB5012596: Windows Server 2016 Security Update (April 2022)Windows Network File System (NFS) — Unauthenticated RCE (A companion NFS RCE patched alongside CVE-2022-24491)Microsoft Windows Server 20169.8
CRITICAL
KB5013952: Windows Server 2016 Security Update (May 2022)Windows LDAP — Remote Code Execution (Requires Non-Default MaxReceiveBuffer)Microsoft Windows Server 20169.8
CRITICAL
KB5022838: Windows Server 2016 Security Update (February 2023)Microsoft PEAP (Protected Extensible Authentication Protocol) — Heap-Based Buffer Overflow RCEMicrosoft Windows Server 20169.8
CRITICAL
KB5022838: Windows Server 2016 Security Update (February 2023)Microsoft PEAP (Protected Extensible Authentication Protocol) — Unauthenticated RCEMicrosoft Windows Server 20169.8
CRITICAL
KB5022838: Windows Server 2016 Security Update (February 2023)Microsoft PEAP (Protected Extensible Authentication Protocol) — Heap-Based Buffer Overflow RCEMicrosoft Windows Server 20169.8
CRITICAL
KB5017305: Windows Server 2016 Security Update (September 2022)Windows TCP/IP IPv6 Reassembly — Unauthenticated RCE on IPsec Hosts ("EvilESP")Microsoft Windows Server 20169.8
CRITICAL
KB5017305: Windows Server 2016 Security Update (September 2022)Windows IKE Protocol Extensions — Unauthenticated RCE (A flaw in how IKE / IPsec processes crafted IP packets when IKE and AuthIP IPsec Keying Modules are active)Microsoft Windows Server 20169.8
CRITICAL
KB5017305: Windows Server 2016 Security Update (September 2022)Windows IKE Protocol Extensions — Unauthenticated RCE (A companion vulnerability to CVE-2022-34721 in the same IKE / IPsec protocol extensions (September 2022 patch cycle))Microsoft Windows Server 20169.8
CRITICAL
KB5023697: Windows Server 2016 Security Update (March 2023)Microsoft RPC Runtime — Integer-Underflow Unauthenticated RCEMicrosoft Windows Server 20169.8
CRITICAL
KB5023697: Windows Server 2016 Security Update (March 2023)Windows ICMP Protocol Stack — Heap-Based Buffer Overflow Unauthenticated Kernel RCEMicrosoft Windows Server 20169.8
CRITICAL
KB5028169: Windows Server 2016 Security Update (July 2023)Windows Routing and Remote Access Service (RRAS) — Unauthenticated Network RCE (#3 of 3 in July 2023)Microsoft Windows Server 20169.8
CRITICAL
KB5029242: Windows Server 2016 Security Update (August 2023)Microsoft Message Queuing (MSMQ) — Integer-Overflow RCEMicrosoft Windows Server 20169.8
CRITICAL
KB5032197: Windows Server 2016 Security Update (November 2023)Windows Pragmatic General Multicast (PGM) — Unauthenticated RCE (A buffer over-read)Microsoft Windows Server 20169.8
CRITICAL
KB5032197: Windows Server 2016 Security Update (November 2023)Microsoft PEAP — Heap-Based Buffer Overflow RCE (November 2023)Microsoft Windows Server 20169.8
CRITICAL
KB5044293: Windows Server 2016 Security Update (October 2024)Windows Netlogon — Adjacent-Network Elevation of Privilege via DC Name ImpersonationMicrosoft Windows Server 20169.0
CRITICAL
KB5028169: Windows Server 2016 Security Update (July 2023)Windows Routing and Remote Access Service (RRAS) — Unauthenticated Network RCE (#2 of 3 in July 2023)Microsoft Windows Server 20169.8
CRITICAL
KB5016622: Windows Server 2016 Security Update (August 2022)Windows Point-to-Point Protocol (PPP) — Unauthenticated Network RCE on RRAS ServersMicrosoft Windows Server 20169.8
CRITICAL
KB4038782: Windows Server 2016 Security Update (September 2017)Windows DHCP Server — Unauthenticated Network RCE (A boundary error in DHCP failover packet processing)Microsoft Windows Server 20169.8
CRITICAL
KB5025228: Windows Server 2016 Security Update (April 2023)Microsoft Message Queuing (MSMQ) "QueueJumper" — Unauthenticated RCEMicrosoft Windows Server 20169.8
CRITICAL
KB5000803: Windows Server 2016 Security Update (March 2021)Windows DNS Server — Unauthenticated RCE (An out-of-bounds read leading to RCE) — Requires Dynamic UpdatesMicrosoft Windows Server 20169.8
CRITICAL
KB5000803: Windows Server 2016 Security Update (March 2021)Windows DNS Server — Unauthenticated RCE (An out-of-bounds write triggered by oversized SIG records on dynamic updates) — Requires Dynamic UpdatesMicrosoft Windows Server 20169.8
CRITICAL
KB5005043: Windows Server 2016 Security Update (August 2021)Windows Services for NFS ONCRPC XDR Driver — Unauthenticated RCEMicrosoft Windows Server 20169.8
CRITICAL
KB5025228: Windows Server 2016 Security Update (April 2023)Windows Pragmatic General Multicast (PGM) — Unauthenticated RCE (An integer-underflow input-validation flaw)Microsoft Windows Server 20169.8
CRITICAL
KB5027219: Windows Server 2016 Security Update (June 2023)Windows Pragmatic General Multicast (PGM) — Unauthenticated RCE (An integer-underflow input-validation flaw)Microsoft Windows Server 20169.8
CRITICAL
KB5027219: Windows Server 2016 Security Update (June 2023)Windows Pragmatic General Multicast (PGM) — Unauthenticated RCE (An input-validation flaw)Microsoft Windows Server 20169.8
CRITICAL
KB5028169: Windows Server 2016 Security Update (July 2023)Microsoft Message Queuing (MSMQ) — Unauthenticated Network RCEMicrosoft Windows Server 20169.8
CRITICAL
KB5029242: Windows Server 2016 Security Update (August 2023)Microsoft Message Queuing (MSMQ) — Unauthenticated Network RCEMicrosoft Windows Server 20169.8
CRITICAL
KB5031362: Windows Server 2016 Security Update (October 2023)Windows IIS Server — Unauthenticated Authentication-Bypass Elevation of PrivilegeMicrosoft Windows Server 20169.8
CRITICAL
KB5040434: Windows Server 2016 Security Update (July 2024)Remote Desktop Licensing Service — Unauthenticated Integer-Underflow RCEMicrosoft Windows Server 20169.8
CRITICAL
KB5040434: Windows Server 2016 Security Update (July 2024)Remote Desktop Licensing Service — Heap-Based Buffer Overflow RCEMicrosoft Windows Server 20169.8
CRITICAL
KB5041773: Windows Server 2016 Security Update (August 2024)Windows Network Virtualization — Use-After-Free RCEMicrosoft Windows Server 20169.1
CRITICAL
KB5041773: Windows Server 2016 Security Update (August 2024)Windows Network Virtualization — Heap-Based Buffer Overflow RCE (Companion to CVE-2024-38159)Microsoft Windows Server 20169.1
CRITICAL
KB5041773: Windows Server 2016 Security Update (August 2024)Windows Line Printer Daemon (LPD) Service — Use-After-Free RCEMicrosoft Windows Server 20169.8
CRITICAL
KB5029242: Windows Server 2016 Security Update (August 2023)Microsoft Message Queuing (MSMQ) — Unauthenticated RCE (Companion to CVE-2023-36910)Microsoft Windows Server 20169.8
CRITICAL
KB5073722: Windows Server 2016 Security Update (July 2025)SQLite (winsqlite3.dll) Memory Corruption — RCE via Crafted SQL AggregateMicrosoft Windows Server 20169.8
CRITICAL
KB5063871: Windows Server 2016 Security Update (August 2025)Windows GDI+ Heap-Based Buffer Overflow — Unauthenticated RCE via Crafted MetafileMicrosoft Windows Server 20169.8
CRITICAL
KB5068864: Windows Server 2016 Security Update (November 2025)Windows GDI+ (gdiplus.dll) Heap-Based Buffer Overflow — Unauthenticated RCE via Crafted MetafileMicrosoft Windows Server 20169.8
CRITICAL
KB5049993: Windows Server 2016 Security Update (January 2025)Windows Reliable Multicast Transport Driver (RMCAST) Use-After-Free — Unauthenticated Network RCEMicrosoft Windows Server 20169.8
CRITICAL
KB5041773: Windows Server 2016 Security Update (August 2024)Windows Reliable Multicast Transport Driver (RMCAST) — Use-After-Free RCEMicrosoft Windows Server 20169.8
CRITICAL
KB5026363: Windows Server 2016 Security Update (May 2023)Windows Network File System (NFS) — Unauthenticated RCE in NFSv4.1 utf8string ParsingMicrosoft Windows Server 20169.8
CRITICAL
KB5027219: Windows Server 2016 Security Update (June 2023)Windows Pragmatic General Multicast (PGM) — Unauthenticated RCE (A heap-based buffer overflow)Microsoft Windows Server 20169.8
CRITICAL
KB5028169: Windows Server 2016 Security Update (July 2023)Windows Routing and Remote Access Service (RRAS) — Unauthenticated Network RCE (#1 of 3 in July 2023)Microsoft Windows Server 20169.8
CRITICAL
KB4601318: Windows Server 2016 Security Update (February 2021)Windows TCP/IP IPv4 Source-Routing — Unauthenticated RCE via Crafted IP FragmentsMicrosoft Windows Server 20169.8
CRITICAL
KB5012596: Windows Server 2016 Security Update (April 2022)Windows Network File System (NFS) — Unauthenticated RCE (An NFS protocol parsing flaw)Microsoft Windows Server 20169.8
CRITICAL
KB5013952: Windows Server 2016 Security Update (May 2022)Windows Network File System (NFS) — Unauthenticated RCE (A stack buffer overflow in NLM Portmap handling — GETADDR RPC response is crafted by the attacker)Microsoft Windows Server 20169.8
CRITICAL
KB4512517: Windows Server 2016 Security Update (August 2019)Windows DHCP Client — Memory Corruption RCE via Malicious DHCP ResponseMicrosoft Windows Server 20169.8
CRITICAL
KB5000803: Windows Server 2016 Security Update (March 2021)Windows DNS Server — Unauthenticated RCE (A memory corruption in DNS query parsing) — Requires Dynamic UpdatesMicrosoft Windows Server 20169.8
CRITICAL
KB5033910: Windows Server 2016 Security Update (January 2024).NET / Visual Studio X.509 Chain-Building Bug — Authentication Bypass via Malformed SignatureMicrosoft Windows Server 20169.1
CRITICAL
KB5082198: Windows Server 2016 Security Update (April 2026)Windows IKE Service Extensions Double-Free — Unauthenticated RCE via Crafted IKEv2 PacketMicrosoft Windows Server 20169.8
CRITICAL
KB5026363: Windows Server 2016 Security Update (May 2023)Windows Pragmatic General Multicast (PGM) — Unauthenticated RCE (A heap-based buffer overflow)Microsoft Windows Server 20169.8
CRITICAL
KB5031362: Windows Server 2016 Security Update (October 2023)Microsoft Message Queuing (MSMQ) — Unauthenticated Network RCEMicrosoft Windows Server 20169.8
CRITICAL
KB5012596: Windows Server 2016 Security Update (April 2022)Windows RPC Runtime Library — Wormable Unauthenticated RCE on TCP 445Microsoft Windows Server 20169.8
CRITICAL
KB4487026: Windows Server 2016 Security Update (February 2019)Windows DHCP Server — Unauthenticated Network RCE (A memory corruption in how the DHCP server processes crafted packets)Microsoft Windows Server 20169.8
CRITICAL
KB5000803: Windows Server 2016 Security Update (March 2021)Windows DNS Server — Unauthenticated RCE (A memory corruption in DNS record handling) — Requires Dynamic UpdatesMicrosoft Windows Server 20169.8
CRITICAL
KB5009546: Windows Server 2016 Security Update (January 2022)Windows Hyper-V — Guest-VM Adjacent-Network Elevation of PrivilegeMicrosoft Windows Server 20169.0
HIGHCISA KEV
KB5058383: Windows Server 2016 Security Update (May 2025)Windows Common Log File System (CLFS) Driver Heap Overflow — Actively Exploited Privilege EscalationMicrosoft Windows Server 20167.8
HIGHCISA KEV
KB5058383: Windows Server 2016 Security Update (May 2025)Windows Ancillary Function Driver for WinSock (afd.sys) Use-After-Free — Actively Exploited Privilege EscalationMicrosoft Windows Server 20167.8
HIGH
KB5082198: Windows Server 2016 Security Update (April 2026)Windows Remote Desktop Client — Remote Code Execution via Malicious RDP ServerMicrosoft Windows Server 20168.8
HIGH
KB5082198: Windows Server 2016 Security Update (April 2026)Windows Shell Security Feature Bypass — Network Security Control EvasionMicrosoft Windows Server 20168.8
HIGH
KB5082198: Windows Server 2016 Security Update (April 2026)Windows TCP/IP IPv6 Race Condition — Wormable Unauthenticated RCE on IPsec HostsMicrosoft Windows Server 20168.1
MEDIUM
KB5034119: Windows Server 2016 Security Update (January 2024)Windows BitLocker Security Feature Bypass — Encryption Bypass via Boot Manager / Recovery EnvironmentMicrosoft Windows Server 20166.6