==================================================================== CERT-Renater Note d'Information No. 2016/VULN408 _____________________________________________________________________ DATE : 14/12/2016 HARDWARE PLATFORM(S): / OPERATING SYSTEM(S): Windows versions Vista, Server 2008, 7, 8.1, 10, RT 8.1,Server 2012, Server 2016 running Windows Kernel-Mode Drivers. ===================================================================== KB3205651 https://technet.microsoft.com/en-us/library/security/MS16-151 ____________________________________________________________________ Microsoft Security Bulletin MS16-151 - Important: Security Update for Windows Kernel-Mode Drivers (3205651) Published Date: December 14, 2016 Version: 1.0 Executive Summary This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application that could exploit the vulnerabilities and take control of an affected system. The update addresses the vulnerabilities by correcting how the Windows kernel-mode driver handles objects in memory. This security update is rated Important for all supported releases of Windows. Affected Software Windows Vista Windows Server 2008 Windows 7 Windows Server 2008 R2 Windows 8.1 Windows Server 2012 and Windows Server 2012 R2 Windows RT 8.1 Windows 10 Windows Server 2016 Vulnerability Information Win32k Elevation of Privilege Vulnerability CVE-2016-7259 An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. To exploit this vulnerability an attacker could run a specially crafted application to take control of the affected system. Vulnerability title CVE number Publicly disclosed Exploited Win32k Elevation of Privilege Vulnerability CVE-2016-7259 No No Win32k Elevation of Privilege Vulnerability CVE-2016-7260 An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how the Windows kernel-mode driver handles objects in memory. Vulnerability title CVE number Publicly disclosed Exploited Win32k Elevation of Privilege Vulnerability CVE-2016-7260 No No ========================================================== Serveur de référence du CERT-Renater https://services.renater.fr/ssi/ ========================================================== + CERT-RENATER | tel : 01-53-94-20-44 + + 23 - 25 Rue Daviel | fax : 01-53-94-20-41 + + 75013 Paris | email: cert@support.renater.fr + ==========================================================