Microsoft Windows Kernel Local Information Disclosure Vulnerability(CVE-2017-8564)

We have discovered that the handler of the 0x120007 IOCTL in nsiproxy.sys \.\Nsi device discloses portions of uninitialized pool memory to user-mode clients, likely due to output structure alignment holes. On our test Windows 7 32-bit workstation, an example layout of the output buffer is as...

Microsoft Windows Server 2012 Multiple Vulnerabilities (KB4025343)

This host is missing a critical security update according to Microsoft KB4025343 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2017-8564

CVE-2017-8564 is the Windows kernel information disclosure vulnerability where the kernel fails to properly initialize a memory address, potentially allowing an attacker to retrieve kernel base information and bypass KASLR. Affected products include Windows client and server families (Windows 7/8...

Microsoft Windows Kernel CVE-2017-8564 Local Information Disclosure Vulnerability

Description Microsoft Windows is prone to a local information-disclosure vulnerability. A local attacker can leverage this issue to disclose sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Versi...