Multiple elevation of privilege vulnerabilities exist in Microsoft Windows when a Windows kernel API improperly allows a user to access sensitive registry information.
Microsoft released a security update to correct how the kernel API restricts access to this information.
This security update is rated Important for all supported releases of Microsoft Windows.
The most severe of the vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application.
Customers are advised to refer to MS16-124 for more information.
Following are links for downloading patches to fix the vulnerabilities: