KLA11046
Security feature bypass vulnerabilities in Windows Device Guard
Updated: 06/26/2019
Detect date
?
06/13/2017
Severity
?
Warning
Description

Multiple serious vulnerabilities have been found in Microsoft Windows Device Guard. By exploiting these vulnerabilities malicious users can bypass security restrictions. These vulnerabilities can be exploited locally via specially designed code that is to be injected into a script trusted by the Code Integrity policy.

Affected products

Microsoft Windows 10 
Microsoft Windows Server 2016

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

CVE-2017-0215
CVE-2017-0173
CVE-2017-0218
CVE-2017-0216
CVE-2017-0219

Impacts
?
ACE 
[?]

OSI 
[?]

DoS 
[?]

SB 
[?]

PE 
[?]
Related products
Microsoft Windows 10
CVE-IDS
?
CVE-2017-02194.6Warning
CVE-2017-02184.6Warning
CVE-2017-02154.6Warning
CVE-2017-02164.6Warning
CVE-2017-01734.6Warning
Microsoft official advisories
Microsoft Security Update Guide
KB list

4022714
4022727
4022715