Microsoft Win32k CVE-2016-0175 Information Disclosure Vulnerability
Description
An Information disclosure vulnerability exists in Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (KASLR) bypass. An attacker who successfully exploited this vulnerability could retrieve the memory address of a kernel object. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The security update addresses the vulnerability by correcting how the Windows kernel handles memory addresses.
Affected Applications
Windows RT 8.1
Windows Vista x64 Edition Service Pack 2
Windows Server 2012
Windows 8
Windows 7
Windows 10
Windows Server 2008
Windows Vista Service Pack 2