McAfee Application Control swin. sys Kernel Driver Denial of Service Vulnerability (CVE-2016-1715)
Affected Systems:
McAfee Application Control 6.2.0
McAfee Application Control 6.1.3
McAfee Application Control 6.1.2
McAfee Application Control 6.1.1
McAfee Application Control 6.1.0
Description:
CVE (CAN) ID: CVE-2016-1715
McAfee Application Control is a centrally managed whitelist solution.
On 32-bit Windows, McAfee Application Control (MAC) 6.1.0, 6.1.1, 6.1.2, 6.1.3, and 6.2.0 versions of swin. the sys kernel driver allows local users to cause denial of service (memory corruption and system crash) or escalate permissions through 768 system calls, and trigger the zero write operation at any kernel memory location.
<* Source: McAfee
Link: http://www.zerodayinitiative.com/advisories/ZDI-16-007/
*>
Suggestion:
Vendor patch:
McAfee
------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Https://kc.mcafee.com/corporate/index? Page = content & id = SB10145