Microsoft Windows Server 2012
Moderate fix2 remedies
cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*
Moderate fix2 remedies
Microsoft Windows NTFS Information Disclosure Vulnerability via TOCTOU Race Condition
Vulnerability
A time-of-check time-of-use (TOCTOU) race condition vulnerability has been identified in the Windows NTFS file system. This vulnerability allows an unauthorized attacker to locally disclose information by exploiting the race condition. Successful exploitation could lead to unauthorized access to kernel memory contents from a user mode process.
Impact
Exploitation of this vulnerability could result in unauthorized information disclosure, specifically allowing an attacker to read kernel memory contents from a user mode process.
Remediation
Users can apply the security updates provided by Microsoft to address this vulnerability. These security updates are available through the Microsoft Update Catalog. Specific update details can be found in the Microsoft Knowledge Base articles KB5063871, KB5063889, KB5063875, KB5063709, KB5063906, KB5063947, KB5063888, KB5063948, KB5063878, KB5064010, KB5063899, and KB5063950.
Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM
Vulnerability Rating
Custom Algorithm
spread
8.4impact
2.5exploitability
4.3remediation
7.7relevance
0.3threat
0.0urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.