CVE-2018-8449

Name of the Vulnerable Software and Affected Versions Windows Server 2016 Windows 10 Windows 10 Servers

Description A security feature bypass issue exists due to incorrect validation of untrusted files by Device Guard, allowing attackers to bypass security restrictions using a specially crafted file. This issue is related to errors in file signature verification.

Recommendations For Windows Server 2016, update the Device Guard component to prevent the security feature bypass. For Windows 10, ensure that Device Guard is properly configured to validate file signatures correctly. For Windows 10 Servers, apply the necessary security patches to fix the Device Guard vulnerability. As a temporary workaround, consider restricting the use of Device Guard until a patch is available.