Security Feature Bypass in Windows Defender Application Control by Microsoft
CVE-2019-1167

4.1MEDIUM

Key Information:

Vendor: Microsoft
Status: Powershell Core
Vendor: CVE Published:; 19 July 2019

Summary

A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) that enables attackers to circumvent WDAC enforcement mechanisms. This bypass could allow unauthorized applications to execute on systems where WDAC is intended to provide protection. Users of affected Microsoft products should take action to ensure that their security settings are appropriately configured and that they are using the latest updates to mitigate potential risks associated with this vulnerability.

Affected Version(s)

PowerShell Core 6.1

PowerShell Core 6.2

References

https://portal.msrc.microsoft.com/en-US/security-guidance...

x_refsource_MISC

CVSS V3.1

Score:

4.1

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 19, 2019
Vulnerability Reserved
Nov 26, 2018