CVE-2019-1163

Name of the Vulnerable Software and Affected Versions Windows (affected versions not specified)

Description A security feature bypass exists when Windows incorrectly validates CAB file signatures, allowing an attacker to inject code into a CAB file without invalidating the file's signature. To exploit this issue, an attacker could modify a signed CAB file, inject malicious code, and then convince a target user to execute the file. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited.

Recommendations To resolve the issue, apply the update that corrects how Windows validates file signatures. At the moment, there is no information about specific steps for each affected version, as the affected versions are not specified.