CVE-2016-3258

EUVD-2016-4295
Race condition in the kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to bypass the Low Integrity protection mechanism and write to files by leveraging unspecified object-manager features, aka "Windows File System Security Feature Bypass."
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.7 MEDIUM
LOCAL
HIGH
LOW
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 46%
Affected Products (NVD)
VendorProductVersion
microsoftwindows_10
-
microsoftwindows_8.1
*
microsoftwindows_rt_8.1
-
microsoftwindows_server_2012
-
𝑥
= Vulnerable software versions
Windows Releases
Platform
Version
Windows 10
(x64, x86)
KB3163912
1511 (x64, x86)
KB3172985
Windows 8.1
(x64, x86)
KB3170377
Windows RT 8.1
All
KB3170377
Windows Server 2012
Server Core
KB3170377
Standard
KB3170377
Windows Server 2012 R2
Server Core
KB3170377
Standard
KB3170377
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/91606
http://www.securitytracker.com/id/1036289
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-092
http://www.securityfocus.com/bid/91606
http://www.securitytracker.com/id/1036289
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-092