| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| MS16-089 | Security Update for Windows Secure Kernel Mode (3170050) | Windows 10 | Important | 13-07-2016 |
Technical Information
Brief overview of the risk:
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow information disclosure when Windows Secure Kernel Mode improperly handles objects in memory.
Detailed Information on the risk:
An information disclosure vulnerability exists when Windows Secure Kernel Mode improperly handles objects in memory. A locally-authenticated attacker who successfully exploited this vulnerability could be able to read sensitive information on the target system.
To exploit this vulnerability, an attacker could run a specially crafted application on the target system. Note that the information disclosure vulnerability by itself would not be sufficient for an attacker to compromise a system. However, an attacker could combine this vulnerability with additional vulnerabilities to further exploit the system. The update addresses the vulnerability by correcting how Windows Secure Kernel Mode handles objects in memory.
Windows 10 for 32-bit SystemsTo exploit this vulnerability, an attacker could run a specially crafted application on the target system. Note that the information disclosure vulnerability by itself would not be sufficient for an attacker to compromise a system. However, an attacker could combine this vulnerability with additional vulnerabilities to further exploit the system. The update addresses the vulnerability by correcting how Windows Secure Kernel Mode handles objects in memory.
Further information on this exploit is available at : MS16-089
Windows 10 for 64-bit Systems
Windows 10 Version 1511 for 32-bit Systems
Windows 10 Version 1511 for 64-bit Systems
Affected Software
Windows 10 for 32-bit SystemsWindows 10 for 64-bit Systems
Windows 10 Version 1511 for 32-bit Systems
Windows 10 Version 1511 for 64-bit Systems