Endpoint Vulnerability

Microsoft: Windows Secure Kernel Mode Information Disclosure Vulnerability

Description

An information disclosure vulnerability exists when Windows Secure Kernel Mode improperly handles objects in memory. A locally authenticated attacker who successfully exploited this vulnerability could be able to read sensitive information on the target system. To exploit this vulnerability, an attacker could run a specially crafted application on the target system. Note that the information disclosure vulnerability by itself would not be sufficient for an attacker to compromise a system. However, an attacker could combine this vulnerability with additional vulnerabilities to further exploit the system. The update addresses the vulnerability by correcting how Windows Secure Kernel Mode handles objects in memory.

Affected Products

Windows 10

References

CVE-2016-3344,