CVE-2016-3344

Vulnerability

The Secure Kernel Mode (SKM) feature in Microsoft Windows 10 Gold and Windows 10 Version 1511 improperly handles objects in memory, leading to an information disclosure vulnerability [1]. Affected editions include Windows 10 for 32-bit Systems, Windows 10 for x64-based Systems, Windows 10 Version 1511 for 32-bit Systems, and Windows 10 Version 1511 for x64-based Systems [1].

Exploitation

An attacker must have local access to the system and execute a specially crafted application [1]. The application triggers the memory handling flaw, allowing the attacker to read kernel memory contents [1]. No additional privileges or user interaction beyond running the application are required.

Impact

Successful exploitation results in the disclosure of sensitive information from kernel memory [1]. This could include cryptographic keys, passwords, or other confidential data, compromising system confidentiality. The vulnerability is rated Important with a CVSS v3 score of 3.3 (Low).

Mitigation

Microsoft released security update MS16-113 on September 13, 2016, which addresses this vulnerability [1]. The update corrects how Windows Secure Kernel Mode handles objects in memory. Affected users should apply the appropriate update: KB 3185611 for Windows 10 and KB 3185614 for Windows 10 Version 1511 [1]. No workarounds are documented.