Multiple vulnerabilities in Windows Win32k.sys driver



Published: 2016-08-10
Risk Low
Patch available YES
Number of vulnerabilities 4
CVE-ID CVE-2016-3311
CVE-2016-3310
CVE-2016-3309
CVE-2016-3308
CWE-ID CWE-119
Exploitation vector Local
Public exploit Vulnerability #3 is being exploited in the wild.
Vulnerable software
Subscribe
Windows
Operating systems & Components / Operating system

Windows Server
Operating systems & Components / Operating system

Windows RT
Operating systems & Components / Operating system

Vendor Microsoft

Security Bulletin

This security bulletin contains information about 4 vulnerabilities.

Discovered vulnerabilities may allow a local user to elevate privileges on vulnerable system.

1) Elevation of privilege

EUVDB-ID: #VU290

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-3311

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a local user to gain elevated privileges on vulnerable system.

The vulnerability exists due to boundary error in Win32k.sys driver when handling objects in memory. A local user can trigger buffer overflow and execute arbitrary code with SYSTEM privileges.

Successful exploitation of this vulnerability will allow a local user to gain complete access to vulnerable system.

Vulnerable software versions

Windows: 7 - Vista

Windows Server: 2008 - 2012 R2


CPE2.3 External links

http://technet.microsoft.com/en-us/library/security/ms16-098.aspx

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Elevation of privilege

EUVDB-ID: #VU289

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-3310

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a local user to gain elevated privileges on vulnerable system.

The vulnerability exists due to boundary error in Win32k.sys driver when handling objects in memory. A local user can trigger buffer overflow and execute arbitrary code with SYSTEM privileges.

Successful exploitation of this vulnerability will allow a local user to gain complete access to vulnerable system.

Vulnerable software versions

Windows: 7 - Vista

Windows Server: 2008 - 2012 R2


CPE2.3 External links

http://technet.microsoft.com/en-us/library/security/ms16-098.aspx

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Elevation of privilege

EUVDB-ID: #VU288

Risk: Low

CVSSv3.1: 8.4 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C]

CVE-ID: CVE-2016-3309

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: Yes

Description

The vulnerability allows a local user to gain elevated privileges on vulnerable system.

The vulnerability exists due to boundary error in Win32k.sys driver when handling objects in memory. A local user can trigger buffer overflow and execute arbitrary code with SYSTEM privileges.

Successful exploitation of this vulnerability will allow a local user to gain complete access to vulnerable system.

Vulnerable software versions

Windows: 7 - Vista

Windows Server: 2008 - 2012 R2


CPE2.3 External links

http://technet.microsoft.com/en-us/library/security/ms16-098.aspx

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

4) Elevation of privilege

EUVDB-ID: #VU287

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-3308

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a local user to gain elevated privileges on vulnerable system.

The vulnerability exists due to boundary error in Win32k.sys driver when handling objects in memory. A local user can trigger buffer overflow and execute arbitrary code with SYSTEM privileges.

Successful exploitation of this vulnerability will allow a local user to gain complete access to vulnerable system.

Vulnerable software versions

Windows: 7 - Vista

Windows Server: 2008 - 2012 R2


CPE2.3 External links

http://technet.microsoft.com/en-us/library/security/ms16-098.aspx

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###