SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   OS (Microsoft)  >   Windows Kernel Vendors:   Microsoft
Windows Kernel-Mode Drivers Multiple Flaws Let Local Users Obtain Potentially Sensitive Information, Bypass ASLR Security Restrictions, and Gain Elevated Privileges
SecurityTracker Alert ID:  1037251
SecurityTracker URL:  http://securitytracker.com/id/1037251
CVE Reference:   CVE-2016-7214, CVE-2016-7215, CVE-2016-7218, CVE-2016-7246, CVE-2016-7255   (Links to External Site)
Date:  Nov 9 2016
Impact:   Disclosure of system information, Disclosure of user information, Root access via local system
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): Vista SP2, 2008 SP2, 2008 R2 SP1, 7 SP1, 8.1, RT 8.1, 2012, 2012 R2, 10, 10 Version 1511, 10 Version 1607, 2016
Description:   Multiple vulnerabilities were reported in Windows Kernel-Mode Drivers. A local user can obtain potentially sensitive information. A local user can bypass security restrictions. A local user can gain elevated privileges on the target system.

A local user can run a specially crafted application to trigger a flaw in the Windows kernel and bypass kernel Address Space Layout Randomization (ASLR) security to obtain the memory address of a kernel object [CVE-2016-7214].

A local user can run a specially crafted application to trigger an object memory handling flaw and execute arbitrary code with kernel-level privileges on the target system [CVE-2016-7215, CVE-2016-7246, CVE-2016-7255].

A local user can run a specially crafted application to trigger an object memory handling flaw in the 'bowser.sys' driver and obtain potentially sensitive information on the target system [CVE-2016-7218].

Anonymous (via Trend Micro's Zero Day Initiative (ZDI)), Neel Mehta and Billy Leonard of Google's Threat Analysis Group, eike Hacquebord, Peter Pi, and Brooks Li of Trend Micro's Zero Day Initiative (ZDI), Peter Hlavaty (@zer0mem), KeenLab, Tencent, and bee13oy of CloverSec Labs (via Trend Micro's Zero Day Initiative (ZDI)) reported these vulnerabilities.

Impact:   A local user can obtain potentially sensitive information on the target system.

A local user can bypass ASLR security on the target system.

A local user can obtain kernel-level privileges on the target system.

Solution:   The vendor has issued a fix.

The Microsoft advisory is available at:

https://technet.microsoft.com/library/security/ms16-135

Vendor URL:  technet.microsoft.com/library/security/ms16-135 (Links to External Site)
Cause:   Access control error

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC