Rapid7 Vulnerability & Exploit Database

MS16-034: Security Update for Windows Kernel-Mode Drivers to Address Elevation of Privilege (3143145)

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

MS16-034: Security Update for Windows Kernel-Mode Drivers to Address Elevation of Privilege (3143145)

Severity
7
CVSS
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published
03/08/2016
Created
07/25/2018
Added
03/08/2016
Modified
11/18/2021

Description

Multiple Win32k elevation of privilege vulnerabilities exist when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Solution(s)

  • WINDOWS-HOTFIX-MS16-023-0c7e9829-cc88-4af8-ae95-e2823ab2cbfa
  • WINDOWS-HOTFIX-MS16-023-3f5f2fab-88aa-4fbf-975d-94424a363208
  • WINDOWS-HOTFIX-MS16-023-62cef694-cd47-4d46-be15-e0a592991d07
  • WINDOWS-HOTFIX-MS16-023-a52756d1-e676-45c3-8fa3-af607ba9a62e
  • WINDOWS-HOTFIX-MS16-034-01521c8a-49a3-4e72-a6e8-a0e732b28ca8
  • WINDOWS-HOTFIX-MS16-034-11977085-9c3b-44f5-936c-547475ebbf9e
  • WINDOWS-HOTFIX-MS16-034-1fd0ebac-b709-43f1-825e-10741f0c811a
  • WINDOWS-HOTFIX-MS16-034-23f23963-029c-42b9-862d-ea5eda591999
  • WINDOWS-HOTFIX-MS16-034-2f803ae0-fd2f-4fa6-8d14-3a971b06bad5
  • WINDOWS-HOTFIX-MS16-034-49d3b43e-1e4e-4609-9723-f65b304b631f
  • WINDOWS-HOTFIX-MS16-034-7e87f99a-9c9f-4742-bf19-add672d08175
  • WINDOWS-HOTFIX-MS16-034-83bf25a5-fab8-43b8-958a-249d9c3ef032
  • WINDOWS-HOTFIX-MS16-034-91a9f16e-a6a4-44d6-a6e3-5c5a32a88f2f
  • WINDOWS-HOTFIX-MS16-034-92c2c150-ea6c-41f2-8e35-6f419cd5450b
  • WINDOWS-HOTFIX-MS16-034-9914e941-d848-42eb-80be-e95b70e88215
  • WINDOWS-HOTFIX-MS16-034-9c55ba82-8ad8-4c59-9f7e-db270867c041
  • WINDOWS-HOTFIX-MS16-034-a0a0d57e-6868-4326-8d0d-6716e56c65be
  • WINDOWS-HOTFIX-MS16-034-b390eeb9-43bb-4262-b715-cb923ce495b2
  • WINDOWS-HOTFIX-MS16-034-be92c772-2e69-4315-bebe-4e6d8985a0b9
  • WINDOWS-HOTFIX-MS16-034-bf8e47dc-59af-4825-9414-40bd21c6ec0c
  • WINDOWS-HOTFIX-MS16-034-d18ed190-87e2-468e-bb18-18c28077109e
  • WINDOWS-HOTFIX-MS16-034-e2884557-b641-4a6b-ad2e-f97312385fe4

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
  • Lightweight Endpoint Agent
  • Live Dashboards
  • Real Risk Prioritization
  • IT-Integrated Remediation Projects
  • Cloud, Virtual, and Container Assessment
  • Integrated Threat Feeds
  • Easy-to-Use RESTful API
  • Automation-Assisted Patching
  • Automated Containment
Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;