Microsoft CVE-2018-0827: Windows Security Feature Bypass Vulnerability
Description
A security feature bypass vulnerability exists in Windows Scripting Host which could allow an attacker to bypass Device Guard. An attacker who successfully exploited this vulnerability could circumvent a User Mode Code Integrity (UMCI) policy on the machine. To exploit the vulnerability, an attacker would first have to access the local machine, and then run a malicious program. The update addresses the vulnerability by correcting how Windows Scripting Host handles objects in memory.
Solution(s)
- msft-kb4074588-11adea10-0701-430e-954f-9471595ae246
- msft-kb4074588-9fc64b01-2edc-40c8-bf0d-ee3540c741f8
- msft-kb4074588-aa46db4d-865e-48e7-9fe8-3ffedda76530
- msft-kb4074592-2a7e4366-e91e-4b45-8775-bfc7ab0a86b0
- msft-kb4074592-ffc8aa26-baed-4b03-84de-a404e624d747
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center