Windows Kernel Information Disclosure Vulnerability

2016-07-18T07:00:00
ID MS:CVE-2016-3272
Type mscve
Reporter Microsoft
Modified 2016-07-18T07:00:00

Description

An information disclosure vulnerability exists in Microsoft Windows when the Windows kernel fails to properly handle certain page fault system calls. An authenticated attacker who successfully exploited this vulnerability could disclose information from one process to another.

To exploit the vulnerability, an attacker would have to either log on locally to an affected system or convince a locally authenticated user to execute a specially crafted application.

The update addresses this vulnerability by correcting how the Windows kernel handles certain page fault system calls.