Microsoft Device Guard Code Integrity Policy CVE-2018-8212 Security Feature Bypass Vulnerability
Description
A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session. An attacker who successfully exploited this vulnerability could inject code into a trusted PowerShell process to bypass the Device Guard Code Integrity policy on the local machine.
Affected Applications
Windows 10
Windows Server 2016
Windows Server version 1709 (Server Core Installation)
Windows Server version 1803 (Server Core Installation)