Microsoft Windows Kernel Local Elevation Of Privilege Vulnerability (CVE-2016-0075)
Publish Date: 26 ottobre 2016
Gravità: : Critico
Descrizione
A vulnerability was discovered within Microsoft Windows 10 that could lead to an arbitrary registry key access. The root cause of this vulnerability comes from kernel not checking for user while creating hardware profile subkeys in HKLM, which are created with full permission to the owner which is the user and also inherits the parent ACLs. A successfully exploitation of this issue could allow an attacker to elevate privileges when used for SymLink.
Informazioni esposizione:
Apply associated Trend Micro DPI Rules.
Soluzioni
Trend Micro Deep Security DPI Rule Number: 1007988