PT-2018-9864 · Microsoft · .Net Framework

James Forshaw

Publicado

2018-05-08

Atualizado

2019-10-03

CVE-2018-1039

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Microsoft .NET Framework versions 2.0 through 4.7.1

Description: A security feature bypass issue exists that could allow an attacker to bypass Device Guard. This could enable an attacker to circumvent a User Mode Code Integrity (UMCI) policy on the machine. To exploit this issue, an attacker would first have to access the local machine.

Recommendations: For Microsoft .NET Framework versions 2.0 through 4.7.1, update to a version that includes the fix for this security feature bypass issue to prevent attackers from bypassing Device Guard.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2018-1039

Produtos afetados

.Net Framework

PT-2018-9864 · Microsoft · .Net Framework

CVE-2018-1039

Identificadores relacionados

Produtos afetados

Referências · 6