Microsoft Windows Kernel Local Elevation Of Privilege Vulnerability (CVE-2016-0079)
2016年10月26日
危険度: 緊急
概要
A local privilege escalation vulnerability was discovered within Microsoft Windows. It abuses the issue that a registry hive file will be opened in write mode if opening it in read mode fails. This, combined with the fact that the log files created when opening a hive in write mode are effectively owned by the system yet can also be modified by a user, allows normal users to overwrite critical system files. Successful exploitation of this issue may lead to local privilege escalation.
トレンドマイクロの対策
Apply associated Trend Micro DPI Rules.
対応方法
Trend Micro Deep Security DPI Rule Number: 1007988