Main Vulnerability Database SB2018071024

SB2018071024 - Security restrictions bypass in Microsoft Windows Device Guard

Published: July 10, 2018

Security Bulletin ID SB2018071024

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Security restrictions bypass (CVE-ID: CVE-2018-8222)

The vulnerability allows a local attacker to bypass security restrictions on the target system.

The vulnerability exists in Device Guard due to improper exposure of functions and processes user supplied code. A local attacker can inject code into a trusted PowerShell process, run it with the same trust level as the script and bypass the Device Guard Code Integrity policy on the local machine.

Remediation

Install update from vendor's website.

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8222