First published: Tue Mar 05 2019(Updated: )
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0627, CVE-2019-0632.
Credit: secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Powershell Core | =6.1 | |
Microsoft Powershell Core | =6.2 | |
Microsoft Windows 10 | ||
Microsoft Windows 10 | =1607 | |
Microsoft Windows 10 | =1703 | |
Microsoft Windows 10 | =1709 | |
Microsoft Windows 10 | =1803 | |
Microsoft Windows 10 | =1809 | |
Microsoft Windows Server 2016 | ||
Microsoft Windows Server 2016 | =1709 | |
Microsoft Windows Server 2016 | =1803 | |
Microsoft Windows Server 2019 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-0631 is a security feature bypass vulnerability in Windows that could allow an attacker to bypass Device Guard.
CVE-2019-0631 has a severity value of 7.8 (high).
The affected software products include Microsoft Powershell Core versions 6.1 and 6.2, as well as various versions of Microsoft Windows 10 and Windows Server 2016/2019.
By exploiting CVE-2019-0631, an attacker can bypass Device Guard, potentially allowing them to execute malicious code.
Yes, Microsoft has released a security advisory with guidance on how to mitigate the vulnerability. Please refer to the provided references for more information.