Security feature bypass in Windows and Windows Server - CVE-2017-11830
Published: November 14, 2017 / Updated: June 17, 2021
Vulnerability identifier: #VU9315
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Green
CVE-ID: CVE-2017-11830
CWE-ID: CWE-264
Exploitation vector: Remote access
Exploit availability:
Public exploit is available
Vendor: Microsoft
Affected software:
Windows
Windows Server
Windows
Windows Server
Detailed vulnerability description
The vulnerability allows a remote attacker to bypass certain security restrictions.
The vulnerability exists when Device Guard incorrectly validates an untrusted file. A remote attacker can make an unsigned file appear to be signed and trusted and trick the victim into executing it.
The vulnerability exists when Device Guard incorrectly validates an untrusted file. A remote attacker can make an unsigned file appear to be signed and trusted and trick the victim into executing it.
How to mitigate CVE-2017-11830
Install updates from vendor's website.