High severity8.8NVD Advisory· Published Sep 14, 2016· Updated May 6, 2026

CVE-2016-3352

Description

Microsoft Windows 8.1, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 do not properly check NTLM SSO requests for MSA logins, which makes it easier for remote attackers to determine passwords via a brute-force attack on NTLM password hashes, aka "Microsoft Information Disclosure Vulnerability."

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/92852nvd
www.securitytracker.com/id/1036798nvd
docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-110nvd

News mentions

No linked articles in our index yet.

cvss	0.572
epss	0.026
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000