Medium severity6.1NVD Advisory· Published Nov 10, 2016· Updated May 6, 2026

CVE-2016-7225

Description

Virtual Hard Disk Driver in Windows 10 Gold, 1511, and 1607 and Windows Server 2016 does not properly restrict access to files, which allows local users to gain privileges via a crafted application, aka "VHD Driver Elevation of Privilege Vulnerability."

Affected products

Microsoft/Windows 103 versions
cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*
Microsoft/Windows Server 2016
cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/94016nvd
www.securitytracker.com/id/1037248nvd
docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-138nvd
www.exploit-db.com/exploits/40764/nvd

News mentions

No linked articles in our index yet.

cvss	0.397
epss	0.001
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000