Matt Graeber

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is related to errors in the representation of information by the user interface in Windows operating systems. Exploitation of this issue may allow an attacker to conduct spoofing attacks using a specially crafted malicious HTA file. The estimated number of potentially affected devices worldwide is not available. There is no information provided about real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Nome do software vulnerável e versões afetadas** Ferramenta de Diagnóstico de Suporte do Microsoft Windows (MSDT) (versões afetadas não especificadas) **Descrição** O problema está relacionado à validação insuficiente de entradas na Ferramenta de Diagnóstico de Suporte do Microsoft Windows (MSDT). Isso permite que um invasor execute código arbitrário. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha uma correção para essa vulnerabilidade.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** A security feature bypass exists when Windows incorrectly validates CAB file signatures, allowing an attacker to inject code into a CAB file without invalidating the file's signature. To exploit this issue, an attacker could modify a signed CAB file, inject malicious code, and then convince a target user to execute the file. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited. **Recommendations** To resolve the issue, apply the update that corrects how Windows validates file signatures. At the moment, there is no information about specific steps for each affected version, as the affected versions are not specified.

**Name of the Vulnerable Software and Affected Versions** Windows Defender Application Control (WDAC) (affected versions not specified) **Description** A security feature bypass issue exists, potentially allowing an attacker to bypass enforcement mechanisms. This could impact the integrity, confidentiality, and availability of protected information. The vulnerability is related to errors in security settings and may allow an attacker to affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Server 2016 Windows 10 Windows 10 Servers **Description** A security feature bypass issue exists, allowing an attacker to inject malicious code into a Windows PowerShell session. This is related to an improperly implemented security check. The exploitation of this issue could enable a bypass of code integrity checks by injecting malicious code into a trusted PowerShell process. **Recommendations** For Windows Server 2016, Windows 10, and Windows 10 Servers, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Server 2016 Windows 10 Windows 10 Servers **Description** A security feature bypass issue exists, allowing an attacker to inject malicious code into a Windows PowerShell session. This is related to an improperly implemented security check. The exploitation of this issue could enable a bypass of code integrity checks by injecting malicious code into a trusted PowerShell process. **Recommendations** For Windows Server 2016, Windows 10, and Windows 10 Servers, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Server 2016 Windows 10 Windows 10 Servers **Description** A security feature bypass issue exists, allowing an attacker to inject malicious code into a Windows PowerShell session. This could potentially affect system integrity. **Recommendations** For Windows Server 2016, Windows 10, and Windows 10 Servers, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** The product name cannot be determined. **Description** A security-feature bypass issue allows attackers to affect the system. No additional details are provided about the nature of the issue, potential impacts, or the scope of affected devices. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** The product name cannot be determined. **Description** A security-feature bypass issue allows attackers to affect the system. No additional details are provided about the nature of the issue, potential impacts, or the scope of affected devices. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** The product name cannot be determined. **Description** A security-feature bypass issue allows attackers to affect the system. No additional details are provided about the nature of the issue, potential impacts, or the scope of affected devices. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.