Rewterz Threat Advisory – IBM FlashSystem V840 Apache Struts Arbitrary Code Execution Vulnerability
February 21, 2019Rewterz Threat Alert – Cyber Actors Exploit Website Secure Certificates in Phishing Campaigns
February 21, 2019Severity
Medium
Analysis Summary
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard. An attacker who successfully exploited this vulnerability could circumvent a User Mode Code Integrity (UMCI) policy on the machine.
To exploit the vulnerability, an attacker would first have to access the local machine, and then run a malicious program.
Impact
Security bypass
Affected Products
- Microsoft PowerShell Core 6.1
- Microsoft PowerShell Core 6.2
- Microsoft Windows 10 for 32-bit Systems
- Microsoft Windows 10 for x64-based Systems
- Microsoft Windows 10 Version 1607 for 32-bit Systems
- Microsoft Windows 10 Version 1607 for x64-based Systems
- Microsoft Windows 10 version 1703 for 32-bit Systems
- Microsoft Windows 10 version 1703 for x64-based Systems
- Microsoft Windows 10 version 1709 for 32-bit Systems
- Microsoft Windows 10 Version 1709 for ARM64-based Systems
- Microsoft Windows 10 version 1709 for x64-based Systems
- Microsoft Windows 10 Version 1803 for 32-bit Systems
- Microsoft Windows 10 Version 1803 for ARM64-based Systems
- Microsoft Windows 10 Version 1803 for x64-based Systems
- Microsoft Windows 10 Version 1809 for 32-bit Systems
- Microsoft Windows 10 Version 1809 for ARM64-based Systems
- Microsoft Windows 10 Version 1809 for x64-based Systems
- Microsoft Windows Server 1709
- Microsoft Windows Server 1803
- Microsoft Windows Server 2016
- Microsoft Windows Server 2019
Remediation
Vendor has released update for the affected product.
Update to version 6.1.3.