Microsoft CVE-2018-8132: Windows Security Feature Bypass Vulnerability
Description
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard. An attacker who successfully exploited this vulnerability could circumvent a User Mode Code Integrity (UMCI) policy on the machine. To exploit the vulnerability, an attacker would first have to access the local machine, and then run a malicious program. The update addresses the vulnerability by correcting how Windows validates User Mode Code Integrity policies.
Solution(s)
- msft-kb4103716-34e04a3c-fab2-4a5e-b231-a37aac882e0f
- msft-kb4103716-8759c2a2-230b-4089-9c04-586cf2746a71
- msft-kb4103721-eb863932-a151-446c-8884-ab5add176f94
- msft-kb4103721-f7846ea0-3bd9-48a2-b230-0be2ad24b4ea
- msft-kb4103721-fdd62b2a-0e40-4c06-b153-7d2f5e45f613
- msft-kb4103723-54f93c06-1d96-40f5-bdc8-f9924dbcd522
- msft-kb4103723-99a0b90d-2519-4700-be0c-e6c7b5bd04ec
- msft-kb4103723-a74a9c4e-0823-4afc-8b58-cf1785a2e2b4
- msft-kb4103727-0dae0270-e483-4c81-9914-263ec487c6c1
- msft-kb4103727-6108aff5-77b2-4684-b1cb-749f3c040d8f
- msft-kb4103727-c03178c9-b5d2-4c5f-819f-c8871513e23d
- msft-kb4103731-610e3534-770e-4bab-845a-0159c0645106
- msft-kb4103731-f80f24fa-933a-44d1-a83a-8013a727d881
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center