Security restrictions bypass in Windows Scripting Host

Published: 2018-03-13 23:28:30
Severity Low
Patch available YES
Number of vulnerabilities 1
CVE ID CVE-2018-0884
CVSSv3 4.6 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CWE ID CWE-119
Exploitation vector Local
Public exploit Not available
Vulnerable software Windows
Windows Server
Vulnerable software versions Windows 10
Windows Server 2016
Vendor URL Microsoft

Security Advisory

1) Security restrictions bypass

Description

The vulnerability allows a local attacker to bypass security restriction on the target system.

The weakness exists due to improper handling of objects in memory in Windows Scripting Host. A local attacker can run a malicious program, bypass Device Guard and circumvent a User Mode Code Integrity (UMCI) policy on the machine.

Remediation

Install updates from vendor's website.

External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0884

Back to List