Microsoft Windows Kernel CVE-2016-3272 Information Disclosure Vulnerability
Description
An information disclosure vulnerability exists in Microsoft Windows when the Windows kernel fails to properly handle certain page fault system calls. An authenticated attacker who successfully exploited this vulnerability could disclose information from one process to another. To exploit the vulnerability, an attacker would have to either log on locally to an affected system or convince a locally authenticated user to execute a specially crafted application. The update addresses this vulnerability by correcting how the Windows kernel handles certain page fault system calls.
Affected Applications
Windows 10
Windows RT 8.1
Windows Server 2012
Windows 8