Microsoft Windows AppLocker Rules Local Security Bypass Vulnerability
BID:50687
Info
Microsoft Windows AppLocker Rules Local Security Bypass Vulnerability
| Bugtraq ID: | 50687 |
| Class: | Design Error |
| CVE: |
CVE-2011-4434 |
| Remote: | No |
| Local: | Yes |
| Published: | Nov 15 2011 12:00AM |
| Updated: | Nov 15 2011 12:00AM |
| Credit: | Microsoft |
| Vulnerable: |
Microsoft Windows Server 2008 R2 SP1 Microsoft Windows Server 2008 R2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for 32-bit Systems 0 Microsoft Windows 7 |
| Not Vulnerable: | |
Discussion
Microsoft Windows AppLocker Rules Local Security Bypass Vulnerability
Microsoft Windows is prone to a local security-bypass vulnerability.
Attackers can exploit this issue to bypass certain intended security restrictions. Other attacks may also be possible.
Microsoft Windows is prone to a local security-bypass vulnerability.
Attackers can exploit this issue to bypass certain intended security restrictions. Other attacks may also be possible.
Exploit / POC
Microsoft Windows AppLocker Rules Local Security Bypass Vulnerability
Attackers need local interactive access to exploit this issue.
Attackers need local interactive access to exploit this issue.
Solution / Fix
Microsoft Windows AppLocker Rules Local Security Bypass Vulnerability
Solution:
Updates are available. Please see the references for more information.
Solution:
Updates are available. Please see the references for more information.
References
Microsoft Windows AppLocker Rules Local Security Bypass Vulnerability
References:
References:
- Microsoft Homepage (Microsoft)
- You can circumvent AppLocker rules by using an Office macro on a computer that i (Microsoft)