MS16-135 Microsoft Security Bulletin MS16-135: Security Update for Windows Kernel-Mode Drivers
2016-11-08 This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application that could exploit the vulnerabilities and take control of an affected system.
Vulnerabilities addressed in this bulletin:
Bulletin details at Microsoft.com
Vulnerabilities addressed in this bulletin:
- Win32k Information Disclosure Vulnerability
- An Information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass.
CVE-2016-7214 - Win32k Elevation of Privilege Vulnerability
- An elevation of privilege vulnerability exists when the Windows kernel-mode driver fails to properly handle objects in memory.
CVE-2016-7215 - Windows Bowser.sys Information Disclosure Vulnerabilty
- An information disclosure vulnerability exists in Windows when the Windows bowser.sys kernel-mode driver fails to properly handle objects in memory.
CVE-2016-7218 - Win32k Elevation of Privilege Vulnerability
- An elevation of privilege vulnerability exists when the Windows kernel-mode driver fails to properly handle objects in memory.
CVE-2016-7246 - Win32k Elevation of Privilege Vulnerability
- An elevation of privilege vulnerability exists when the Windows kernel-mode driver fails to properly handle objects in memory.
CVE-2016-7255
Bulletin details at Microsoft.com
Related CVE Entries
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to bypass the ASLR protection mechanism via a crafted application, aka "Win32k Information Disclosure Vulnerability."
Max CVSS
3.3
EPSS Score
0.09%
Published
2016-11-10
Updated
2018-10-12
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."
Max CVSS
7.8
EPSS Score
0.06%
Published
2016-11-10
Updated
2018-10-12
Bowser.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to obtain sensitive information via a crafted application, aka "Windows Bowser.sys Information Disclosure Vulnerability."
Max CVSS
4.7
EPSS Score
0.05%
Published
2016-11-10
Updated
2018-10-12
The kernel-mode drivers in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."
Max CVSS
7.8
EPSS Score
0.06%
Published
2016-11-10
Updated
2018-10-12
CVE-2016-7255
Known exploited
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."
Max CVSS
7.8
EPSS Score
0.64%
Published
2016-11-10
Updated
2018-10-12
CISA KEV Added
2021-11-03