Lucene search
K

77 matches found

Microsoft KB
Microsoft KB
added 2016/12/13 8:0 a.m.48 views

December 13, 2016 — KB3205386 (OS Build 10586.713)

December 13, 2016 — KB3205386 OS Build 10586.713 Improvements and fixes This security update includes these additional improvements and fixes. No new operating system features are being introduced in this update. Key changes include: Improved reliability of Internet Explorer. Addressed issue with...

9.3CVSS7.4AI score0.73289EPSS
Exploits11
ThreatPost
ThreatPost
added 2016/08/10 10:0 a.m.13 views

Windows 10 Attack Surface Grows with Linux Support in Anniversary Update

Microsoft’s release of Windows Anniversary Update last week included an optional feature called Windows Subsystem for Linux that allows native support for Linux binaries. That has some security experts concerned the Windows 10 attack surface has been expanded. The threat, according to Alex Ionesc...

7.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/07/19 12:0 a.m.50 views

Microsoft Windows AppLocker Configuration

Nessus was able to collect AppLocker configuration information on the remote Windows host and generate a report as a CSV attachment. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid92362; scriptversion"1.6"; scriptsetattributeattribute:"pluginmodificationdate",...

5.4AI score
Exploits0
myhack58
myhack58
added 2016/04/28 12:0 a.m.24 views

Windows 1 0 vulnerability exposure:hackers to remotely control computers-vulnerability warning-the black bar safety net

Recently a new Win10 vulnerability is exposed, the security tools AppLocker there is a serious problem, the attacker can add a program to the black list, the collapse of the user's computer defence, so as to facilitate the control computer, to achieve remote control purposes. ! Win10 aeration...

2.7AI score
Exploits0
ThreatPost
ThreatPost
added 2016/04/21 8:38 p.m.15 views

Core Windows Utility Can Be Used to Bypass AppLocker

A core Windows command-line utility, Regsvr32, used to register DLLs to the Windows Registry can be abused to run remote code from the Internet, bypassing whitelisting protections such as Microsoft’s AppLocker. A researcher who requested anonymity found and privately disclosed the issue to...

0.9AI score
Exploits0References2
0day.today
0day.today
added 2016/03/03 12:0 a.m.25 views

AppLocker - Execution Prevention Bypass (Metasploit)

Exploit for windows platform in category local exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class Metasploit4 'AppLocker Execution Prevention Bypass', 'Description' = %q This module will generate a .NET...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2016/03/03 12:0 a.m.29 views

AppLocker Execution Prevention Bypass

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class Metasploit4 'AppLocker Execution Prevention Bypass', 'Description' = %q This module will generate a .NET service executable on the target and utilise InstallUtil to...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2016/03/03 12:0 a.m.37 views

AppLocker - Execution Prevention Bypass (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class Metasploit4 'AppLocker Execution Prevention Bypass', 'Description' = %q This module will generate a .NET service executable on the target and utilise InstallUtil to...

7.4AI score
Exploits0
Metasploit
Metasploit
added 2016/02/18 3:46 a.m.28 views

AppLocker Execution Prevention Bypass

This module will generate a .NET service executable on the target and utilize InstallUtil to run the payload bypassing the AppLocker protection. Currently only the InstallUtil method is provided, but future methods can be added easily. This module requires Metasploit:...

0.2AI score
Exploits0
Kitploit
Kitploit
added 2016/01/23 8:24 p.m.93 views

p0wnedShell - PowerShell Runspace Post Exploitation Toolkit

p0wnedShell is an offensive PowerShell host application written in C that does not rely on powershell.exe but runs powershell commands and functions within a powershell runspace environment .NET. It has a lot of offensive PowerShell modules and binaries included to make the process of Post...

7.4AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2013/10/11 12:0 a.m.87 views

MS KB2532445: AppLocker Rules Bypass

The remote host is missing Microsoft KB2532445, an update that prevents an attacker from bypassing AppLocker rules by using an Office macro. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid70395; scriptversion"1.7"; scriptcvsdate"Date: 2018/11/15 20:50:28";...

3.6CVSS5.5AI score0.01848EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2013/03/22 12:0 a.m.25 views

Windows AppLocker Installed

Binary data microsoftapplockerinstalled.nbin...

7.3AI score
Exploits0References1
seebug.org
seebug.org
added 2011/11/16 12:0 a.m.35 views

Microsoft Windows AppLocker规则本地安全绕过漏洞(CVE-2011-4434)

Bugtraq ID: 50687 CVE ID:CVE-2011-4434 AppLocker是Windows 7和Windows Server 2008 R2中的一项新增功能,提供应用程序的访问控制。 通过AppLocker规则控制运行在Windows7或Windows Server 2008 R2上的应用程序时,本地用户可使用某些应用程序中的宏或脚本功能绕过AppLocker规则,如使用Microsoft Office来绕过这个限制。 因此%TEMP%或%system...

3.6CVSS6.5AI score0.01848EPSS
Exploits1
NVD
NVD
added 2011/11/11 9:55 p.m.26 views

CVE-2011-4434

Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 do not properly enforce AppLocker rules, which allows local users to bypass intended access restrictions via a 1 macro or 2 scripting feature in an application, as demonstrated by Microsoft Office applications and the...

3.6CVSS5.9AI score0.01848EPSS
Exploits1References1
Cvelist
Cvelist
added 2011/11/11 9:0 p.m.38 views

CVE-2011-4434

Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 do not properly enforce AppLocker rules, which allows local users to bypass intended access restrictions via a 1 macro or 2 scripting feature in an application, as demonstrated by Microsoft Office applications and the...

5.9AI score0.01848EPSS
Exploits1References1
CVE
CVE
added 2011/11/11 9:0 p.m.61 views

CVE-2011-4434

CVE-2011-4434 affects Windows 7 SP1 and Windows Server 2008 R2 SP1. It describes a local bypass of AppLocker rules via (1) Office macro or (2) scripting features, demonstrable with SANDBOX_INERT and LOAD_IGNORE_CODE_AUTHZ_LEVEL flags. Root cause: AppLocker not properly enforcing rules for certain...

3.6CVSS6.1AI score0.01848EPSS
Exploits1References1Affected Software2
ThreatPost
ThreatPost
added 2009/10/21 9:45 p.m.10 views

Windows 7 Security Story May Appeal to Enterprises

Microsoft Windows 7 is on its way tomorrow, and it is bringing with it a set of security features Microsoft hopes will appeal to enterprises. The Windows 7 security story has three main chapters that have received a fair amount of attention – DirectAccess, BitLocker To Go and AppLocker. With thes...

1.4AI score
Exploits0References2
Rows per page
Query Builder