PT-2017-3124 · Microsoft · Device Guard
Published: 2017-10-10 · Updated: 2019-10-03
CVE-2017-11823
CVSS v2.0: 7.2 (High)
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Microsoft Windows 10 versions Gold, 1511, 1607, and 1703
Windows Server 2016
Description
The issue is related to how Microsoft Device Guard handles Windows PowerShell sessions, allowing a security feature bypass. This is due to insufficient access restrictions in the Microsoft Device Guard component, which is responsible for protecting the integrity of hardware and software. An attacker, acting locally, can exploit this issue to bypass integrity checks and inject malicious code into a trusted PowerShell process.
Recommendations
For Microsoft Windows 10 versions Gold, 1511, 1607, and 1703: Update to a version that includes the fix for this security feature bypass issue.
For Windows Server 2016: Apply the necessary security updates to resolve the issue.
As a temporary workaround, consider restricting access to Windows PowerShell sessions to minimize the risk of exploitation.
Exploit
Fix
Race Condition
Improper Access Control
Related Identifiers
Affected Products
Device Guard
Windows 10
Windows
Windows PowerShell
Windows Server 2016