March 10, 2026—KB5079466 (OS Build 28000.1719)

March 10, 2026—KB5079466 OS Build 28000.1719 ​​​​​This security update for Windows 11, version 26H1 KB5079466, includes the latest security improvements, along with non-security updates from last month’s optional preview release. To learn more about differences between security updates, optional...

EUVD-2020-28464

Malware in sbrugna...

EUVD-2019-0577

Malware in sbrugna...

EUVD-2020-8844

Malware in sbrugna...

EUVD-2020-2419

Malware in sbrugna...

EUVD-2025-10214

Malicious code in bioql PyPI...

Microsoft Windows inconsistent driver blocking

RISK EVALUATION Microsoft Windows Defender Application Control WDAC and the Microsoft vulnerable driver blocklist do not adequately block known-vulnerable drivers. These unexpected behaviors can confuse users about whether or not driver blocking is working and which drivers are being blocked. 2...

CVE-2025-59033

The Microsoft vulnerable driver block list is implemented as Windows Defender Application Control WDAC policy. Entries that specify only the to-be-signed TBS part of the code signer certificate are properly blocked, but entries that specify the signing certificate's TBS hash along with a...

CVE-2022-50238

The on-endpoint Microsoft vulnerable driver blocklist is not fully synchronized with the online Microsoft recommended driver block rules. Some entries present on the online list have been excluded from the on-endpoint blocklist longer than the expected periodic monthly Windows updates. It is...

CVE-2025-59033

The CVE-2025-59033 entry describes a Microsoft Windows WDAC-based vulnerable driver block list where entries that specify the signing certificate’s TBS hash along with a FileAttribRef qualifier (e.g., file name/version) may not be blocked, regardless of HVCI being enabled. Affects the Microsoft v...

CVE-2022-50238

The on-endpoint Microsoft vulnerable driver blocklist is not fully synchronized with the online Microsoft recommended driver block rules. Some entries present on the online list have been excluded from the on-endpoint blocklist longer than the expected periodic monthly Windows updates. It is...

Microsoft Windows Defender Application Control 安全漏洞

Microsoft Windows Defender Application Control WDAC is a security tool from Microsoft Corporation USA that restricts the operation of programs at the software level by configuring policies to reduce the scope of what hackers can attack. A security vulnerability exists in Microsoft Windows Defende...

CVE-2025-59033

The Microsoft vulnerable driver block list is implemented as Windows Defender Application Control WDAC policy. Entries that specify only the to-be-signed TBS part of the code signer certificate are properly blocked, but entries that specify the signing certificate's TBS hash along with a...

PT-2025-36472

Name of the Vulnerable Software and Affected Versions: Microsoft Windows affected versions not specified Description: The on-endpoint Microsoft vulnerable driver blocklist is not fully synchronized with the online Microsoft recommended driver block rules. Some entries present on the online list...

BIT-POWERSHELL-2020-0951 Windows Defender Application Control Security Feature Bypass Vulnerability

A security feature bypass vulnerability exists in Windows Defender Application Control WDAC which could allow an attacker to bypass WDAC enforcement. An attacker who successfully exploited this vulnerability could execute PowerShell commands that would be blocked by WDAC. To exploit the...

CVE-2019-1167

A security feature bypass vulnerability exists in Windows Defender Application Control WDAC which could allow an attacker to bypass WDAC enforcement, aka 'Windows Defender Application Control Security Feature Bypass Vulnerability'...

CVE-2019-0733

A security feature bypass vulnerability exists in Windows Defender Application Control WDAC which could allow an attacker to bypass WDAC enforcement, aka 'Windows Defender Application Control Security Feature Bypass Vulnerability'...

The vulnerability of Windows Defender Application Control (WDAC) in Windows operating systems allows attackers to circumvent existing security restrictions.

The vulnerability of Windows Defender Application Control WDAC on Windows operating systems is related to errors in access control. Exploiting this vulnerability can allow a hacker to bypass existing security restrictions...

CVE-2024-43645 Windows Defender Application Control (WDAC) Security Feature Bypass Vulnerability

...

PT-2024-8159 · Microsoft · Windows Defender Application Control +1

Name of the Vulnerable Software and Affected Versions: Windows Defender Application Control WDAC affected versions not specified Description: The issue is related to a security feature bypass in Windows Defender Application Control WDAC that affects the data protection mechanism. This could allow...