Описание
Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
FAQ
What privileges would an attacker gain by successfully exploiting this vulnerability?
An attacker who successfully exploited this vulnerability could potentially leak data from the target enclave or execute code within the context of the target enclave.
Are there any additional steps that I need to follow to be protected from this vulnerability?
The changes to address this vulnerability updated Virtual Secure Mode components. The policy described in Guidance for blocking rollback of Virtualization-based Security (VBS) related security updates has been updated to account for the latest changes. If you deployed this policy, then you'll need to redeploy using the updated policy.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Windows 11 Version 22H2 for ARM64-based Systems | ||
| Windows 11 Version 22H2 for x64-based Systems | ||
| Windows 11 Version 23H2 for ARM64-based Systems | ||
| Windows 11 Version 23H2 for x64-based Systems | ||
| Windows 11 Version 24H2 for ARM64-based Systems | ||
| Windows 11 Version 24H2 for x64-based Systems |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
DOS
EPSS
7.8 High
CVSS3
Связанные уязвимости
Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
Уязвимость доверенной среды выполнения Virtualization-Based Security (VBS) Enclave операционных систем Microsoft Windows, позволяющая нарушителю повысить свои привилегии
EPSS
7.8 High
CVSS3