PT-2019-2779 · Microsoft · Windows Defender Application Control

Publicado

2019-07-16

Atualizado

2020-08-24

CVE-2019-1167

CVSS v2.0

6.0

Média

Vetor

AV:L/AC:H/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Windows Defender Application Control (WDAC) (affected versions not specified)

Description A security feature bypass issue exists in Windows Defender Application Control (WDAC), potentially allowing an attacker to bypass WDAC enforcement. The vulnerability is related to errors in security settings and could enable an attacker to bypass the PowerShell Core Constrained Language Mode, impacting the integrity, confidentiality, and availability of protected information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-254

Identificadores relacionados

BDU:2019-02727

CVE-2019-1167

GHSA-5FRH-8CMJ-GC59

Produtos afetados

Windows Defender Application Control

PT-2019-2779 · Microsoft · Windows Defender Application Control

CVE-2019-1167

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7