MS16-092: Security Update for Windows Kernel (3171910)
Severity: High
Nessus Plugin ID: 92023
Synopsis
The remote Windows host is affected by multiple vulnerabilities.
Description
The remote Windows host is missing a security update. It is, therefore, affected by multiple vulnerabilities:
- A security feature bypass vulnerability exists in the Windows kernel due to improper validation of how a low integrity application can use certain object manager features. An attacker can exploit this issue to take advantage of time-of-check time-of-use (TOCTOU) issues in file path-based checks from a low integrity application, allowing the attacker to modify files outside of a low integrity level application.
- An information disclosure vulnerability exists in the Windows kernel due to a failure to properly handle certain page fault system calls. A local attacker can exploit this, via a specially crafted application, to disclose information from one process to another.
Solution
Microsoft has released a set of patches for Windows 2012, 8.1, RT 8.1, 2012 R2, and 10.