#VU130 Windows secure kernel mode information disclosure in Windows


Published: 2016-07-14 | Updated: 2017-02-03

Vulnerability identifier: #VU130

Vulnerability risk: Low

CVSSv3.1: 3.3 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-3256

CWE-ID: CWE-119

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Windows
Operating systems & Components / Operating system

Vendor: Microsoft

Description

The vulnerability allows a local user to obtain potentially sensitive information.

The vulnerability exists due to unknown error when handling objects in memory. A local user can read sensitive information on the target system.

Successful exploitation of this vulnerability may allow a local attacker to obtain potentially sensitive information.

Mitigation

To resolve this vulnerability vendor recommends installing the following updates:

Windows 10

Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1511 for 32-bit Systems
Windows 10 Version 1511 for x64-based Systems

Vulnerable software versions

Windows:

External links
http://technet.microsoft.com/en-us/library/security/MS16-089
http://technet.microsoft.com/en-us/library/security/ms16-089.aspx

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Secure kernel mode information disclosure in Windows 10
Windows Secure Kernel Mode Information Disclosure Vulnerability
Security Update for Windows Secure Kernel Mode