Endpoint Vulnerability

Microsoft: Windows Security Feature Bypass Vulnerability

Description

A security feature bypass exists when Windows incorrectly validates kernel driver signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed drivers into the kernel. In an attack scenario, an attacker could bypass security features intended to prevent improperly signed drivers from being loaded by the kernel. The update addresses the vulnerability by correcting how Windows validates kernel driver signatures.

Affected Products

Windows RT 8.1,Windows Server, version 1709 (Server Core Installation),Windows Server 2016,Windows Server, version 1803 (Server Core Installation),Windows Server 2012,Windows 8,Windows 10,Windows Server 2019

References

CVE-2018-8549,