Endpoint Vulnerability

Windows Security Feature Bypass Vulnerability

Description

A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session. An attacker who successfully exploited this vulnerability could inject code into a trusted PowerShell process to bypass the Device Guard Code Integrity policy on the local machine.

Affected Products

Windows 10,Windows Server 2016

References

CVE-2017-8715,