2018
04.18

The fix for CVE-2017-11830 is insufficient to prevent a normal user application adding a cached signing level to an unsigned file by exploiting a TOCTOU in CI leading to circumventing Device Guard policies.

No Comment.

Add Your Comment

You must be logged in to post a comment.