CVE-2025-59033

Name of the Vulnerable Software and Affected Versions: Windows versions (affected versions not specified)

Description: The Microsoft vulnerable driver block list, implemented as Windows Defender Application Control (WDAC) policy, does not properly block entries specifying the signing certificate’s TBS hash along with a 'FileAttribRef' qualifier on systems without hypervisor-protected code integrity (HVCI) enabled. This allows bypassing of intended security restrictions. The vendor recommends using App Control for systems without HVCI and a granular approach for custom blocklist entries.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.