Microsoft CVE-2019-0631: Windows Security Feature Bypass Vulnerability
Description
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard. An attacker who successfully exploited this vulnerability could circumvent a User Mode Code Integrity (UMCI) policy on the machine. To exploit the vulnerability, an attacker would first have to access the local machine, and then run a malicious program. The update addresses the vulnerability by correcting how Windows validates User Mode Code Integrity policies.
Solution(s)
- msft-kb4486996-276d9f15-a4ba-4682-88aa-dbc6a7dd6473
- msft-kb4486996-48e7b820-42a1-48df-8c60-3cc793715032
- msft-kb4486996-a54c01ab-09c3-44d8-a43e-43ae56ec00f3
- msft-kb4487017-048720ff-774b-4d24-bfab-5066f09875c2
- msft-kb4487017-0b675ccd-56fb-4169-9bb7-c693c34667fe
- msft-kb4487017-79e70bc9-237e-4486-9ac8-dd8a85880a4e
- msft-kb4487018-30238546-bfa6-4811-a777-9f9195330949
- msft-kb4487018-cb3d541d-3e9a-46ac-a99c-9de153b7a8be
- msft-kb4487020-326ccfdc-ae78-46a1-b874-6bfdec44e711
- msft-kb4487020-d60c8faf-aa56-4418-9e62-18581894cb5e
- msft-kb4487026-3c1ae2cf-5238-4010-a0ae-585b4fdad784
- msft-kb4487026-85c7e18d-15ca-473b-95a6-ca8c98f8309a
- msft-kb4487026-b21493c2-2162-4783-8997-149684faf4f5
- msft-kb4487044-6c65ef6d-dadd-42aa-964d-9d2518a6c5da
- msft-kb4487044-7bd7b9f5-36c8-424f-afbc-1756008de158
- msft-kb4487044-db969415-41ab-4f72-bdff-33d8e4e5e7ea
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center