
====================================================================

                                  CERT-Renater

                      Note d'Information No. 2016/VULN201
_____________________________________________________________________

DATE                : 11/05/2016

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Windows version 10 running Virtual Secure Mode.

======================================================================
KB3155451
https://technet.microsoft.com/en-us/library/security/MS16-066
____________________________________________________________________

Microsoft Security Bulletin MS16-066 - Important Security Update for
Virtual Secure Mode (3155451)

Published: May 10, 2016

Version: 1.0

Executive Summary

This security update resolves a vulnerability in Microsoft Windows. The
vulnerability could allow security feature bypass if an attacker runs a
specially crafted application to bypass code integrity protections in
Windows.

This security update is rated Important for all supported editions of
Microsoft Windows 10.


Affected Software

Windows 10


Vulnerability Information

Hypervisor Code Integrity Security Feature Bypass - CVE-2016-0181

A security feature bypass vulnerability exists when Windows incorrectly
allows certain kernel-mode pages to be marked as Read, Write, Execute
(RWX) even with Hypervisor Code Integrity (HVCI) enabled.

To exploit this vulnerability, an attacker could run a specially
crafted application to bypass code integrity protections in Windows.
The security update addresses the vulnerability by correcting security
feature behavior to preclude the incorrect marking of RWX pages under
HVCI.

The following table contains a link to the standard entry for each
vulnerability in the Common Vulnerabilities and Exposures list:

Vulnerability Title    CVE number 	Publicly disclosed   Exploited

Hypervisor Code Integrity
Security Feature Bypass	  CVE-2016-0181	     No	             No

==========================================================
Serveur de référence du CERT-Renater
https://services.renater.fr/ssi/
==========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44           +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41           +
+ 75013 Paris           | email: cert@support.renater.fr +
==========================================================