Windows Kernel Information Disclosure Vulnerability

ID MS:CVE-2016-3272
Type mscve
Reporter Microsoft
Modified 2016-07-18T07:00:00


An information disclosure vulnerability exists in Microsoft Windows when the Windows kernel fails to properly handle certain page fault system calls. An authenticated attacker who successfully exploited this vulnerability could disclose information from one process to another.

To exploit the vulnerability, an attacker would have to either log on locally to an affected system or convince a locally authenticated user to execute a specially crafted application.

The update addresses this vulnerability by correcting how the Windows kernel handles certain page fault system calls.