SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   OS (Microsoft)  >   Windows DLL (Any) Vendors:   Microsoft
Microsoft Windows Secure Boot Policy Application Bug Lets Local Users
SecurityTracker Alert ID:  1036290
SecurityTracker URL:  http://securitytracker.com/id/1036290
CVE Reference:   CVE-2016-3287   (Links to External Site)
Date:  Jul 12 2016
Impact:   User access via local system
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 8.1, 2012, 2012 R2, 10, 10 Version 1511
Description:   A vulnerability was reported in Microsoft Windows Secure Boot. A local user can bypass security restrictions to obtain elevated privileges on the target system.

A local administrative user or a physically local user can trigger a flaw in the application of Windows Secure Boot policies to disable code integrity checks and load and run arbitrary drivers on the target system.

This can also be exploited to bypass the Secure Boot Integrity Validation for BitLocker and the Device Encryption security features.

Impact:   A local administrative user or a physically local user can bypass security restrictions to obtain elevated privileges on the target system.
Solution:   The vendor has issued a fix.

Windows 8.1 for 32-bit Systems:

https://www.microsoft.com/downloads/details.aspx?familyid=a16c58cf-4e79-4e51-b39b-50ff623c5ff9

Windows 8.1 for x64-based Systems:

https://www.microsoft.com/downloads/details.aspx?familyid=0afae908-718e-4f83-9b8b-f276aa12ecaf

Windows Server 2012:

https://www.microsoft.com/downloads/details.aspx?familyid=ef857803-9aa0-4284-9e34-0c0bf6d1f354

Windows Server 2012 R2:

https://www.microsoft.com/downloads/details.aspx?familyid=ef357a04-dd1e-4c34-bfde-c4445f3a5379

Windows Server 2012 (Server Core installation):

https://www.microsoft.com/downloads/details.aspx?familyid=ef857803-9aa0-4284-9e34-0c0bf6d1f354

Windows Server 2012 R2 (Server Core installation):

https://www.microsoft.com/downloads/details.aspx?familyid=ef357a04-dd1e-4c34-bfde-c4445f3a5379

Windows 10:

https://support.microsoft.com/kb/3163912

Windows 10 Version 1511:

https://support.microsoft.com/kb/3172985

The Microsoft advisory is available at:

https://technet.microsoft.com/library/security/ms16-094

Vendor URL:  technet.microsoft.com/library/security/ms16-094 (Links to External Site)
Cause:   Access control error

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2020, SecurityGlobal.net LLC