Windows Kernel Privilege Escalation Vulnerability CVE-2016-7255

In the last post, we discussed McAfee download errors and how McAfee antivirus customer service helps users resolve them. Here we discuss the privilege escalation vulnerabilities in Windows.

Google notified Microsoft and Adobe about the vulnerabilities on 21st October. This in turn helped Adobe update Flash and Microsoft update its Edge browser. The Windows Kernel Privilege Escalation Vulnerability, CVE-2016-7255, occurs mainly in the Windows kernel. It is a local privilege escalation issue: attackers can exploit it to execute malicious code with elevated privileges and take control of the affected system. To do this, the attacker needs local access to the user’s PC. Adobe then fixed this issue by releasing the latest updates for Adobe Flash.

Some of the vulnerabilities that were addressed in this are:

  • Win32k Information Disclosure Vulnerability
  • Win32k Elevation of Privilege Vulnerability
  • Windows Bowser.sys Information Disclosure Vulnerability
  • Win32k Elevation of Privilege Vulnerability
  • Win32k Elevation of Privilege Vulnerability

The Windows Kernel Privilege Escalation Vulnerability CVE-2016-7255 was exploited by the Russian hacking group known as Pawn Storm, APT28, Fancy Bear, Sofacy, Sednit, and Tsar Team to target various embassies and governments all over the world. The information about such target machines, servers, etc. redirected them to benign servers.

The attack was carried out by sending a malicious attachment called “Programm Details.doc”. Opening this RTF document shows the details of a conference to be held in London in November 2016. Embedded in the RTF document is a Flash file (SWF_CONEX.A). This Flash file downloads files from a remote server.

The group also used CVE-2016-7255 to conduct malware attacks against aerospace industry journalists investigating the crash of MH17. For these reasons the vulnerability has gained wide media attention. In response, Microsoft released 14 security bulletins, six of which addressed critical flaws. These flaws have been used in a low-volume spear-phishing campaign by STRONTIUM.

After this attack, it has become necessary to think over security concerns. Hence it is advised to install good antivirus software that takes care of such threats and protects your identity and data. The most crucial factor to look for in an antivirus product is that it responds quickly to the latest security threats and vulnerabilities and takes appropriate action to fix them. McAfee is antivirus software of this kind: its users are protected against such security threats, as its experts always stay updated with the latest information about the threats that are encountered.

