Microsoft Windows File System CVE-2016-3258 Security Feature Bypass Vulnerability
Description
A security feature bypass vulnerability exists in the Windows kernel that could allow an attacker to exploit time of check time of use (TOCTOU) issues in file path-based checks from a low-integrity application. An attacker who successfully exploited this vulnerability could potentially modify files outside of a low-integrity level application. To exploit the vulnerability, an attacker would need to take advantage of another vulnerability to compromise the sandbox process from a low-integrity application. The security update addresses the vulnerability by adding a validation check on how a low-integrity application can use certain object manager features.
Affected Applications
Windows 10
Windows RT 8.1
Windows Server 2012
Windows 8