Information disclosure in Win32k.sys driver in Windows and Windows Server - CVE-2016-3251

Detailed vulnerability description

The vulnerability allows a local user to gain access to potentially sensitive data.

The vulnerability exists due to out-of-bounds read in Windows GDI component. A local attacker can gain access to potentially sensitive information on the system

Successful exploitation of this vulnerability will allow a local attacker to read potentially sensitive information on the system.

How to mitigate CVE-2016-3251

To resolve this vulnerability vendor recommends installing the following updates:

Windows Vista

Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 2

Windows Server 2008

Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems Service Pack 2

Windows 7

Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1

Windows Server 2008 R2

Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1

Windows 8.1

Windows 8.1 for 32-bit Systems
Windows 8.1 for x64-based Systems

Windows Server 2012 and Windows Server 2012 R2

Windows Server 2012
Windows Server 2012 R2

Windows RT 8.1

Use Windows Update to obtain patch.

Windows 10

Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1511 for 32-bit Systems
Windows 10 Version 1511 for x64-based Systems

Server Core installation option

Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2012
Windows Server 2012 R2

Sources

• https://technet.microsoft.com/en-us/library/security/MS16-090