Oval Definition:oval:org.cisecurity:def:410
Revision Date:2016-04-15Version:39
Title:Windows Kernel Memory Information Disclosure Vulnerability – CVE-2015-6109 (MS15-115)
Description:The kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to bypass the KASLR protection mechanism, and consequently discover a driver base address, via a crafted application, aka "Windows Kernel Memory Information Disclosure Vulnerability."
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2015-6109
Platform(s):Microsoft Windows 10
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s):
Definition Synopsis
  • Microsoft Windows 8.1/Server 2012 R2 is installed + Windows OS + file version
  • Microsoft Windows 8.1/Server 2012 R2 is installed
  • Microsoft Windows 8.1 (x86) is installed
  • OR Microsoft Windows 8.1 (x64) is installed
  • OR Microsoft Windows Server 2012 R2 is installed
  • AND Check if Win32k.sys version is less than 6.3.9600.18093
  • OR Microsoft Windows 10 is installed + file version
  • Microsoft Windows 10 is installed
  • Microsoft Windows 10 (32-bit) is installed
  • OR Microsoft Windows 10 (64-bit) is installed
  • AND Check if Win32k.sys version is less than 10.0.10240.16384
  • OR Microsoft Windows 10 Version 1511 is installed + file version
  • Microsoft Windows 10 Version 1511 is installed
  • Microsoft Windows 10 Version 1511 (32-bit) is installed
  • OR Microsoft Windows 10 Version 1511 (64-bit) is installed
  • AND Check if Win32k.sys version is less than 10.0.10586.3
    • BACK