Windows Kernel-Mode Drivers Object Memory Handling Bugs Let Local Users Gain Elevated Privileges
|
SecurityTracker Alert ID: 1034334 |
SecurityTracker URL: http://securitytracker.com/id/1034334
|
CVE Reference:
CVE-2015-6171, CVE-2015-6173, CVE-2015-6174, CVE-2015-6175
(Links to External Site)
|
Date: Dec 8 2015
|
Impact:
Root access via local system
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): Vista SP2, 2008 SP2, 7 SP1, 2008 R2 SP1, 8, 8.1, 2012, 2012 R2, RT, RT 8.1, 10; and prior service packs
|
Description:
Several vulnerabilities were reported in Windows Kernel-Mode Drivers. A local user can obtain elevated privileges on the target system.
A local user can run a specially crafted program to trigger an object handling memory error execute arbitrary commands on the target system with kernel-mode privileges.
Nils Sommer of bytegeist (via Google Project Zero) reported three of the vulnerabilities.
|
Impact:
A local user can obtain kernel-mode privileges on the target system.
|
Solution:
The vendor has issued a fix.
A patch matrix is available in the vendor's advisory.
The Microsoft advisory is available at:
https://technet.microsoft.com/library/security/ms15-135
|
Vendor URL: technet.microsoft.com/library/security/ms15-135 (Links to External Site)
|
Cause:
Access control error
|
|
Message History:
None.
|
Source Message Contents
|
|
[Original Message Not Available for Viewing]
|
|