Device Guard Security Feature Bypass Vulnerability - CVE-2017-0007ID: oval:org.secpod.oval:def:39416 | Date: (C)2017-03-16 (M)2024-03-06 |
Class: VULNERABILITY | Family: windows |
A security feature bypass exists when Device Guard does not properly validate certain elements of a signed PowerShell script. An attacker who successfully exploited this vulnerability could modify the contents of a PowerShell script without invalidating the signature associated with the file. Because Device Guard relies on the signature to determine the script is non-malicious, Device Guard could then allow a malicious script to execute. In an attack scenario, an attacker could modify the contents of a PowerShell script without invalidating the signature associated with the file. The update addresses the vulnerability by correcting how Device Guard validates certain elements of signed PowerShell scripts.
Platform: |
Microsoft Windows 10 |
Microsoft Windows Server 2016 |