| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| CVE-2018-0827 | Windows Security Feature Bypass Vulnerability | Windows 10 | Important | 14-02-2018 |
Technical Information
Brief overview of the risk:
A security feature bypass vulnerability exists in Windows Scripting Host which could allow an attacker to bypass Device Guard. An attacker who successfully exploited this vulnerability could circumvent a User Mode Code Integrity (UMCI) policy on the machine.
Detailed Information on the risk:
To exploit the vulnerability, an attacker would first have to access the local machine, and then run a malicious program.
The update addresses the vulnerability by correcting how Windows Scripting Host handles objects in memory.
Further information on this exploit is available at : CVE-2018-0827
Affected Software
Windows 10 Version 1703 for 32-bit Systems
Windows 10 Version 1703 for x64-based Systems
Windows 10 Version 1709 for 32-bit Systems
Windows 10 Version 1709 for x64-based Systems
Windows Server version 1709 (Server Core Installation)