1579 matches found
Windows NSA Information Assurance: Locklevel
Windows NSA Information Assurance LOCKLEVEL was a rapidly built prototype that demonstrates a method for scoring how well Windows systems have implemented some of the NSA Information Assurance top 10 mitigation strategies . This prototype is being shared to encourage industry adoption of these...
Automatically Exercise BloodHound Attack Plan: GoFetch
GoFetch is a tool to automatically exercise an attack plan generated by the BloodHound application. GoFetch first loads a path of local admin users and computers generated by BloodHound and converts it to its own attack plan format. Once the attack plan is ready, GoFetch advances towards the...
Microsoft to Remove SMBv1 Protocol in Next Windows 10 Version (RedStone 3)
The Server Message Block version 1 SMBv1 — a 30-year-old file sharing protocol which came to light last month after the devastating WannaCry outbreak — will be removed from the upcoming Windows 10 1709 Redstone 3 Update. The SMBv1 is one of the internet's most ancient networking protocols that...
CVE-2017-0219
Microsoft Windows 10 Gold, Windows 10 1511, Windows 10 1607, and Windows Server 2016 allow an attacker to exploit a security feature bypass vulnerability in Device Guard that could allow the attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Poli...
CVE-2017-0173
Microsoft Windows 10 1607 and Windows Server 2016 allow an attacker to exploit a security feature bypass vulnerability in Device Guard that could allow the attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass...
CVE-2017-0218
Microsoft Windows 10 Gold, Windows 10 1511, Windows 10 1607, and Windows Server 2016 allow an attacker to exploit a security feature bypass vulnerability in Device Guard that could allow the attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Poli...
CVE-2017-0219
Microsoft Windows 10 Gold, Windows 10 1511, Windows 10 1607, and Windows Server 2016 allow an attacker to exploit a security feature bypass vulnerability in Device Guard that could allow the attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Poli...
Security feature bypass
Microsoft Windows 10 1607 and Windows Server 2016 allow an attacker to exploit a security feature bypass vulnerability in Device Guard that could allow the attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass...
Security feature bypass
Microsoft Windows 10 1607 and Windows Server 2016 allow an attacker to exploit a security feature bypass vulnerability in Device Guard that could allow the attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass...
Security feature bypass
Microsoft Windows 10 Gold, Windows 10 1511, Windows 10 1607, and Windows Server 2016 allow an attacker to exploit a security feature bypass vulnerability in Device Guard that could allow the attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Poli...
Security feature bypass
Microsoft Windows 10 1511, Windows 10 1607, and Windows Server 2016 allow an attacker to exploit a security feature bypass vulnerability in Device Guard that could allow the attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Featu...
CVE-2017-0173
Technical details such as affected builds, vulnerable components, exploitability, and fixes are not provided in the attached documents. Monitor for updates from Microsoft/MSRC and ENISA EUVD entries for specifics.
CVE-2017-0216
CVE-2017-0216 affects Microsoft Windows 10 (versions 1511, 1607) and Windows Server 2016, enabling a security feature bypass in Device Guard Code Integrity Policy that could allow an attacker to inject malicious code into a Windows PowerShell session. The underlying issue is a bypass of Code Inte...
CVE-2017-0173
Microsoft Windows 10 1607 and Windows Server 2016 allow an attacker to exploit a security feature bypass vulnerability in Device Guard that could allow the attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass...
CVE-2017-0218
Microsoft Windows 10 Gold, Windows 10 1511, Windows 10 1607, and Windows Server 2016 allow an attacker to exploit a security feature bypass vulnerability in Device Guard that could allow the attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Poli...
CVE-2017-0219
Microsoft Windows 10 Gold, Windows 10 1511, Windows 10 1607, and Windows Server 2016 allow an attacker to exploit a security feature bypass vulnerability in Device Guard that could allow the attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Poli...
Device Guard Code Integrity Policy Security Feature Bypass Vulnerability
A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session. An attacker who successfully exploited this vulnerability could inject code into a trusted PowerShell process to bypass the Device Guard Code...
Device Guard Code Integrity Policy Security Feature Bypass Vulnerability
A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session. An attacker who successfully exploited this vulnerability could inject code into a trusted PowerShell process to bypass the Device Guard Code...
Device Guard Code Integrity Policy Security Feature Bypass Vulnerability
A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session. An attacker who successfully exploited this vulnerability could inject code into a trusted PowerShell process to bypass the Device Guard Code...
Microsoft Device Guard Code Integrity Policy Security Feature Bypass (CVE-2017-0215)
A security feature bypass vulnerability exists in Microsoft Windows Device Guard. The vulnerability is due to the way Device Guard improperly validates certain elements of a signed PowerShell script. A remote attacker could exploit this vulnerability by enticing a target user to open a specially...