Main Vulnerability Database SB2016071804

SB2016071804 - Windows File System Security Feature Bypass Vulnerability

Published: July 18, 2016

Security Bulletin ID SB2016071804

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Windows file system security feature bypass (CVE-ID: CVE-2016-3258)

The vulnerability allows a local attacker to bypass certain security restrictions.

The vulnerability exists in windows kernel due to an error, which can be used to bypass file path-based checks from a low integrity application using time of check time of use (TOCTOU) issues. A local attacker can potentially modify files outside of a low integrity level application.

Successful exploitation of this vulnerability requires usage of another vulnerability, which allows to compromise the sandbox process from a low integrity application.

Remediation

Install update from vendor's website.

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2016-3258