Advisory Details

This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the cng.sys driver. The issue lies in a series of IOCTLs that return pointers to functions within the driver. An attacker can leverage this together with another vulnerability to achieve code execution under the context of SYSTEM.

• 2015-03-19 - Vulnerability reported to vendor
• 2015-05-12 - Coordinated public release of advisory