First published: Tue Mar 05 2019(Updated: )
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0627, CVE-2019-0631.
Credit: secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Powershell Core | =6.1 | |
Microsoft Powershell Core | =6.2 | |
Microsoft Windows 10 | ||
Microsoft Windows 10 | =1607 | |
Microsoft Windows 10 | =1703 | |
Microsoft Windows 10 | =1709 | |
Microsoft Windows 10 | =1803 | |
Microsoft Windows 10 | =1809 | |
Microsoft Windows Server 2016 | ||
Microsoft Windows Server 2016 | =1709 | |
Microsoft Windows Server 2016 | =1803 | |
Microsoft Windows Server 2019 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-0632 is a security feature bypass vulnerability in Windows that allows an attacker to bypass Device Guard.
The severity of CVE-2019-0632 is high with a CVSS score of 7.8.
Microsoft PowerShell Core versions 6.1 and 6.2, as well as Microsoft Windows 10 versions 1607, 1703, 1709, 1803, and 1809, and Microsoft Windows Server 2016 and 2019 are affected by CVE-2019-0632.
CVE-2019-0632 allows an attacker to bypass Device Guard, which could potentially allow them to further compromise a system's security.
You can find more information about CVE-2019-0632 on the following websites: http://www.securityfocus.com/bid/106880 and https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0632