SB2016071224 - Security Update for Windows Kernel

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2016071224

SB2016071224 - Security Update for Windows Kernel

Published: July 12, 2016

Security Bulletin ID SB2016071224
Severity
Low
Patch available
YES
Number of vulnerabilities 2
Exploitation vector Local access
Highest impact Information disclosure

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.


1) Windows file system security feature bypass (CVE-ID: CVE-2016-3258)

The vulnerability allows a local attacker to bypass certain security restrictions.

The vulnerability exists in windows kernel due to an error, which can be used to bypass file path-based checks from a low integrity application using time of check time of use (TOCTOU) issues. A local attacker can potentially modify files outside of a low integrity level application.

Successful exploitation of this vulnerability requires usage of another vulnerability, which allows to compromise the sandbox process from a low integrity application.


2) Windows kernel information disclosure vulnerability (CVE-ID: CVE-2016-3272)

The vulnerability allows a local attacker to gain access to potentially sensitive information.

The vulnerability exists due to incorrect handling of certain page fault system calls in Windows kernel. A local user can disclose information from another process.

Successful exploitation of this vulnerability may allow a local attacker to gain access to potentially sensitive information.


Remediation

Install update from vendor's website.

References