Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The on-endpoint Microsoft vulnerable driver blocklist is not fully synchronized with the online Microsoft recommended driver block rules. Some entries present on the online list have been excluded from the on-endpoint blocklist longer than the expected periodic monthly Windows updates. It is possible to fully synchronize the driver blocklist using WDAC policies. NOTE: The vendor explains that Windows Update provides a smaller, compatibility-focused driver blocklist for general users, while the full XML list is available for advanced users and organizations to customize at the risk of usability issues.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
缺失同步机制
Vulnerability Title
Microsoft Windows Defender Application Control 安全漏洞
Vulnerability Description
Microsoft Windows Defender Application Control(WDAC)是美国微软(Microsoft)公司的一款安全工具,通过配置策略从软件层面限制程序运行,以减少黑客可以攻击的范围。 Microsoft Windows Defender Application Control存在安全漏洞,该漏洞源于端点驱动阻止列表未完全同步在线推荐规则,可能导致绕过驱动阻止。
CVSS Information
N/A
Vulnerability Type
N/A