CVE-2016-7214

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to Windows 10 1709 Windows Vista SP2 Windows Server 2008 SP2 and R2 SP1 Windows 7 SP1 Windows 8.1 Windows Server 2012 Gold and R2 Windows RT 8.1 Windows 10 Gold, 1511, and 1607 Windows Server 2016

Description The issue is related to insufficient access restrictions in kernel-mode drivers, allowing local attackers to disclose protected information using a specially crafted application. This can be achieved by bypassing the ASLR protection mechanism. The estimated number of potentially affected devices and details about real-world incidents are not provided.

Recommendations For Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016, update to a version newer than Windows 10 1709 to resolve the issue. As a temporary workaround, consider restricting access to sensitive information and implementing additional security measures to minimize the risk of exploitation.