PT-2011-4951 · Microsoft · Windows 7+2

Published: 2011-11-11 · Updated: 2020-09-28 · CVE-2011-4434

CVSS v2.0: 3.6 (Low)

Vector: AV:L/AC:L/Au:N/C:N/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Microsoft Windows Server 2008 R2 and R2 SP1
Microsoft Windows 7 Gold and SP1

Description

The issue allows local users to bypass intended access restrictions by exploiting a weakness in how AppLocker rules are enforced. This can be achieved via a macro or scripting feature in an application. For example, Microsoft Office applications can be used to bypass these restrictions, leveraging flags such as SANDBOX_INERT and LOAD_IGNORE_CODE_AUTHZ_LEVEL.

Recommendations

For Microsoft Windows Server 2008 R2 and R2 SP1, consider restricting the use of macros and scripting features in applications until a proper fix is applied. For Microsoft Windows 7 Gold and SP1, avoid using the SANDBOX_INERT and LOAD_IGNORE_CODE_AUTHZ_LEVEL flags in applications to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Weakness Enumeration

Related identifiers

CVE-2011-4434

Affected products

Office
Windows 7
Windows Server 2008 R2