CVE-2016-3258
MEDIUMMicrosoft Windows Security Feature Bypass via Object Manager Race Condition
Title source: llmDescription
Race condition in the kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to bypass the Low Integrity protection mechanism and write to files by leveraging unspecified object-manager features, aka "Windows File System Security Feature Bypass."
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/91606
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1036289
Vendor Advisory vendor-advisory
x_refsource_ms
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-092
Scores
CVSS v3
4.7
EPSS
0.0093
EPSS Percentile
55.9%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
Details
CWE
CWE-264
CWE-362
Status
published
Products (6)
microsoft/windows_10
microsoft/windows_10
1511
microsoft/windows_8.1
microsoft/windows_rt_8.1
microsoft/windows_server_2012
microsoft/windows_server_2012
r2
Published
Jul 13, 2016
Tracked Since
Feb 18, 2026