CVE-2017-8746Corporation Windows Device Guard vulnerability

9 documents5 sources
Severity
5.3MEDIUMNVD
EPSS
1.7%
top 17.68%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
7
Microsoft Corporation Windows Device GuardMicrosoft Windows 10Msrc Windows 10 Version 1607 FOR 32-bit Systems+4 more
Timeline
PublishedSep 13
Latest updateMay 13

Description

Windows Device Guard in Windows 10 1607, 1703, and Windows Server 2016 allows A security feature bypass vulnerability due to how PowerShell exposes functions and processes user supplied code, aka "Device Guard Security Feature Bypass Vulnerability".

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:LExploitability: 1.8 | Impact: 3.4

Affected Packages7 packages

CVEListV5microsoft_corporation/windows_device_guardWindows 10 1607, 1703, and Windows Server 2016

Patches

Patch: portal.msrc.microsoft.comPatch: portal.msrc.microsoft.com

🔴Vulnerability Details

1
GHSA
GHSA-c8pq-63f3-wpjr: Windows Device Guard in Windows 10 1607, 1703, and Windows Server 2016 allows A security feature bypass vulnerability due to how PowerShell exposes fu2022-05-13

📋Vendor Advisories

1
Microsoft
Device Guard Code Integrity Policy Security Feature Bypass Vulnerability2017-09-12

🕵️Threat Intelligence

6
Trendmicro
September Patch Tuesday Fixes MS Office Zero-Day2017-09-13
Trendmicro
September Patch Tuesday Fixes MS Office Zero-Day2017-09-13
Trendmicro
September Patch Tuesday Fixes MS Office Zero-Day2017-09-13
Trendmicro
September Patch Tuesday Fixes MS Office Zero-Day2017-09-13
Trendmicro
September Patch Tuesday Fixes MS Office Zero-Day2017-09-13