CVE-2016-0175

Name of the Vulnerable Software and Affected Versions Microsoft Windows Vista SP2 Microsoft Windows Server 2008 SP2 and R2 SP1 Microsoft Windows 7 SP1 Microsoft Windows 8.1 Microsoft Windows Server 2012 Gold and R2 Microsoft Windows RT 8.1 Microsoft Windows 10 Gold and 1511

Description The issue allows local users to obtain sensitive information about kernel-object addresses and bypass the KASLR protection mechanism via a crafted application. This is related to a lack of protection for internal data in kernel-mode drivers. The exploitation of this issue can enable a local attacker to gain confidential information and affect the system.

Recommendations For Microsoft Windows Vista SP2, consider applying a patch to fix the kernel-mode driver issue. For Microsoft Windows Server 2008 SP2 and R2 SP1, update the kernel-mode drivers to prevent information disclosure. For Microsoft Windows 7 SP1, apply a security update to address the kernel-object address exposure. For Microsoft Windows 8.1, restrict access to crafted applications that could exploit the kernel-mode driver vulnerability. For Microsoft Windows Server 2012 Gold and R2, implement additional security measures to protect against local attackers exploiting the KASLR bypass. For Microsoft Windows RT 8.1, disable the use of vulnerable font functions until a patch is available. For Microsoft Windows 10 Gold and 1511, update the operating system to a version that includes the fix for the kernel-mode driver information disclosure issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.