Описание
Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability
Insufficient verification of data authenticity in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally.
FAQ
What kind of security feature could be bypassed by successfully exploiting this vulnerability?
An attacker who successfully exploited this vulnerability could bypass the Virtualization-based Security feature.
Are the updates for Windows 10 for x64-based Systems and Windows 10 for 32-bit Systems currently available?
Yes. As of April 9, 2025, the security update (5055547) for Windows 10 for x64-based Systems and Windows 10 for 32-bit Systems are available. Customers running Windows 10 should ensure the update is installed to be protected from this vulnerability.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Windows 10 for 32-bit Systems | ||
| Windows 10 for x64-based Systems | ||
| Windows Server 2016 | ||
| Windows 10 Version 1607 for 32-bit Systems | ||
| Windows 10 Version 1607 for x64-based Systems | ||
| Windows Server 2016 (Server Core installation) | ||
| Windows 10 Version 1809 for 32-bit Systems | ||
| Windows 10 Version 1809 for x64-based Systems | ||
| Windows Server 2019 | ||
| Windows Server 2019 (Server Core installation) |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
DOS
EPSS
6 Medium
CVSS3
Связанные уязвимости
Insufficient verification of data authenticity in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally.
Insufficient verification of data authenticity in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally.
Уязвимость доверенной среды выполнения Virtualization-Based Security (VBS) Enclave операционных систем Windows, позволяющая нарушителю обойти существующие ограничения безопасности
EPSS
6 Medium
CVSS3