Microsoft Windows Kernel Local Elevation Of Privilege Vulnerability (CVE-2016-0075)
Publish Date: 26 de października de 2016
Severity: : Critical
DESCRIPTION
A vulnerability was discovered within Microsoft Windows 10 that could lead to an arbitrary registry key access. The root cause of this vulnerability comes from kernel not checking for user while creating hardware profile subkeys in HKLM, which are created with full permission to the owner which is the user and also inherits the parent ACLs. A successfully exploitation of this issue could allow an attacker to elevate privileges when used for SymLink.
INFORMATION EXPOSURE
Apply associated Trend Micro DPI Rules.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1007988