CVE Number | Vulnerability | Product | Severity | Date |
---|---|---|---|---|
MS16-066 | Security Update for Virtual Secure Mode (3155451) | Windows 10 | Important | 11-05-2016 |
Technical Information
Brief overview of the risk:
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow security feature bypass if an attacker runs a specially crafted application to bypass code integrity protections in Windows.
Detailed Information on the risk:
A security feature bypass vulnerability exists when Windows incorrectly allows certain kernel-mode pages to be marked as Read, Write, Execute (RWX) even with Hypervisor Code Integrity (HVCI) enabled.
To exploit this vulnerability, an attacker could run a specially crafted application to bypass code integrity protections in Windows. The security update addresses the vulnerability by correcting security feature behavior to preclude the incorrect marking of RWX pages under HVCI.
Windows 10 for 32-bit SystemsTo exploit this vulnerability, an attacker could run a specially crafted application to bypass code integrity protections in Windows. The security update addresses the vulnerability by correcting security feature behavior to preclude the incorrect marking of RWX pages under HVCI.
Further information on this exploit is available at : MS16-066
Windows 10 for x64-based Systems
Windows 10 Version 1511 for 32-bit Systems
Windows 10 Version 1511 for x64-based Systems
Affected Software
Windows 10 for 32-bit SystemsWindows 10 for x64-based Systems
Windows 10 Version 1511 for 32-bit Systems
Windows 10 Version 1511 for x64-based Systems