QwikSec

Security Database

CVE

CWE

Training

CVE-2017-8625

Published: Aug 8, 2017

Modified: Sep 16, 2024

PUBLISHED

Description

Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to bypass Device Guard User Mode Code Integrity (UMCI) policies due to Internet Explorer failing to validate UMCI policies, aka "Internet Explorer Security Feature Bypass Vulnerability".

Vendor	Product	Versions
Microsoft Corporation	Internet Explorer	affected `Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016.`

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8625

https://posts.specterops.io/umci-vs-internet-explorer-exploring-cve-2017-8625-3946536c6442

vdb-entry

vdb-entry

https://oddvar.moe/2017/08/13/bypassing-device-guard-umci-using-chm-cve-2017-8625/

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.