Описание
Windows Defender Application Control Security Feature Bypass Vulnerability
A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement. An attacker who successfully exploited this vulnerability could circumvent PowerShell Core Constrained Language Mode on the machine.
To exploit the vulnerability, an attacker would first have administrator access to the local machine where PowerShell is running in Constrained Language mode. By doing that an attacker could access resources in an unintended way.
The update addresses the vulnerability by correcting how PowerShell functions in Constrained Language Mode.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| PowerShell Core 6.1 | ||
| PowerShell Core 6.2 |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
DOS
EPSS
Связанные уязвимости
A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement, aka 'Windows Defender Application Control Security Feature Bypass Vulnerability'.
System.Management.Automation subject to bypass via script debugging
Уязвимость средства контроля приложений Управление приложениями в Защитнике Windows (Windows Defender Application Control, WDAC) расширяемого средства автоматизации PowerShell Core, позволяющая нарушителю обойти режим PowerShell Core Constrained Language Mode и оказать воздействие на целостность, конфиденциальность и доступность защищаемой информации
EPSS