Microsoft · Windows · CVE-2025-59033
Name of the Vulnerable Software and Affected Versions:
Windows versions (affected versions not specified)
Description:
The Microsoft vulnerable driver block list, implemented as Windows Defender Application Control (WDAC) policy, does not properly block entries specifying the signing certificate’s TBS hash along with a 'FileAttribRef' qualifier on systems without hypervisor-protected code integrity (HVCI) enabled. This allows bypassing of intended security restrictions. The vendor recommends using App Control for systems without HVCI and a granular approach for custom blocklist entries.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.