FortiClient Vulnerability

Microsoft Windows File System CVE-2016-3258 Security Feature Bypass Vulnerability

Description

A security feature bypass vulnerability exists in the Windows kernel that could allow an attacker to exploit time of check time of use (TOCTOU) issues in file path-based checks from a low-integrity application. An attacker who successfully exploited this vulnerability could potentially modify files outside of a low-integrity level application. To exploit the vulnerability, an attacker would need to take advantage of another vulnerability to compromise the sandbox process from a low-integrity application. The security update addresses the vulnerability by adding a validation check on how a low-integrity application can use certain object manager features.

Affected Applications

Windows 10
Windows RT 8.1
Windows Server 2012
Windows 8

CVE References

CVE-2016-3258

Other References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-3258

ID	51577
Created	Sep 25, 2018
Description Updated	Dec 21, 2023
Risk
Coverage	FortiClient
OS	Windows
Vendor	Microsoft
Patch	auto
Application	Windows 10 , Windows RT 8.1 , Windows Server 2012 , Windows 8

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

FortiClient Vulnerability

Microsoft Windows File System CVE-2016-3258 Security Feature Bypass Vulnerability

Description

Affected Applications

CVE References

Other References

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners

FortiClient Vulnerability

Microsoft Windows File System CVE-2016-3258 Security Feature Bypass Vulnerability

Description

Affected Applications

CVE References

Other References

Threat Intelligence
Center