CVE-2016-7215

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to Windows 10 1709 Windows Server 2016 versions prior to 1709 Windows 8.1 Windows Server 2012 Gold and R2 Windows RT 8.1 Windows 7 SP1 Windows Vista SP2 Windows Server 2008 SP2 and R2 SP1

Description The issue is related to insufficient access restrictions to certain functions in the kernel-mode driver of the Windows operating system. This can be exploited by a local attacker using a specially crafted application to elevate privileges. The vulnerability allows local users to gain privileges, affecting the system.

Recommendations For Windows 10 versions prior to 1709, update to version 1709 or later. For Windows Server 2016 versions prior to 1709, update to version 1709 or later. For Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 7 SP1, Windows Vista SP2, and Windows Server 2008 SP2 and R2 SP1, consider applying security patches or updates as soon as they become available. As a temporary workaround, consider restricting access to the win32k.sys driver to minimize the risk of exploitation.